package org.xbib.net.http.server.netty.secure;

import io.netty.buffer.ByteBufAllocator;
import io.netty.handler.ssl.SniHandler;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.util.Mapping;
import java.util.Arrays;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import org.xbib.net.http.HttpAddress;

/* loaded from: input_file:org/xbib/net/http/server/netty/secure/ServerNameIndicationHandler.class */
public class ServerNameIndicationHandler extends SniHandler {
    private static final Logger logger = Logger.getLogger(ServerNameIndicationHandler.class.getName());
    private final NettyHttpsServerConfig serverConfig;
    private final HttpAddress httpAddress;
    private SslHandler sslHandler;

    public ServerNameIndicationHandler(NettyHttpsServerConfig nettyHttpsServerConfig, HttpAddress httpAddress, Mapping<? super String, ? extends SslContext> mapping) {
        super(mapping);
        this.serverConfig = nettyHttpsServerConfig;
        this.httpAddress = httpAddress;
    }

    public SslHandler getSslHandler() {
        return this.sslHandler;
    }

    protected SslHandler newSslHandler(SslContext sslContext, ByteBufAllocator byteBufAllocator) {
        this.sslHandler = createSslHandler(sslContext, byteBufAllocator);
        return this.sslHandler;
    }

    private SslHandler createSslHandler(SslContext sslContext, ByteBufAllocator byteBufAllocator) {
        SslHandler newHandler = sslContext.newHandler(byteBufAllocator);
        SSLEngine engine = newHandler.engine();
        SSLParameters sSLParameters = engine.getSSLParameters();
        sSLParameters.setEndpointIdentificationAlgorithm("HTTPS");
        sSLParameters.setEnableRetransmissions(this.serverConfig.isRetransmissionEnabled());
        sSLParameters.setCipherSuites(this.serverConfig.getCipherSuites(this.httpAddress));
        sSLParameters.setMaximumPacketSize(this.serverConfig.getMaximumPacketSize());
        sSLParameters.setUseCipherSuitesOrder(this.serverConfig.isUseCipherSuiteOrdered());
        sSLParameters.setAlgorithmConstraints(this.serverConfig.getAlgorithmConstraints());
        sSLParameters.setNeedClientAuth(this.serverConfig.isNeedsClientAuth());
        sSLParameters.setNeedClientAuth(this.serverConfig.isWantsClientAuth());
        engine.setSSLParameters(sSLParameters);
        String[] protocols = this.serverConfig.getProtocols(this.httpAddress);
        logger.log(Level.FINER, () -> {
            return "enabled TLS protocols in SSL engine = " + Arrays.asList(protocols);
        });
        engine.setEnabledProtocols(protocols);
        logger.log(Level.FINER, () -> {
            return "enabled application protocol negotiator protocols = " + sslContext.applicationProtocolNegotiator().protocols();
        });
        return newHandler;
    }
}
