package com.inet.webserver;

import com.inet.config.ConfigKey;
import com.inet.config.ConfigValue;
import com.inet.http.ExpandableHttpSessionListener;
import com.inet.http.ExpandableServletContextListener;
import com.inet.http.ExpandableServletRequestListener;
import com.inet.http.PluginDispatcherServlet;
import com.inet.lib.util.EncodingFunctions;
import com.inet.lib.util.StringFunctions;
import com.inet.logging.LogID;
import com.inet.plugin.ServerPluginManager;
import com.inet.webserver.structure.WebConfigKeys;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.concurrent.ForkJoinPool;
import javax.annotation.Nonnull;
import javax.annotation.SuppressFBWarnings;
import javax.net.ssl.KeyManagerFactory;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.alpn.server.ALPNServerConnectionFactory;
import org.eclipse.jetty.ee8.nested.ErrorHandler;
import org.eclipse.jetty.ee8.nested.Request;
import org.eclipse.jetty.ee8.servlet.ServletContextHandler;
import org.eclipse.jetty.ee8.servlet.ServletHolder;
import org.eclipse.jetty.ee8.websocket.javax.server.config.JavaxWebSocketServletContainerInitializer;
import org.eclipse.jetty.http.HttpCookie;
import org.eclipse.jetty.http.HttpFields;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.UriCompliance;
import org.eclipse.jetty.http2.HTTP2Cipher;
import org.eclipse.jetty.http2.RateControl;
import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory;
import org.eclipse.jetty.server.AbstractNetworkConnector;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.ConnectionMetaData;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.RequestLog;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.server.handler.InetAccessHandler;
import org.eclipse.jetty.server.handler.gzip.GzipHandler;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.MultiMap;
import org.eclipse.jetty.util.UrlEncoded;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.util.thread.QueuedThreadPool;

/* loaded from: input_file:com/inet/webserver/b.class */
public class b extends Server {
    private ArrayList<ListenerConnector> g;
    private static final ConfigValue<Integer> h = new ConfigValue<>(ConfigKey.MAX_CONCURRENT_REQUESTS);
    private static final ConfigValue<Integer> i = new ConfigValue<>(ConfigKey.MAX_HTTP_REQUESTS);
    static final ConfigValue<String> j = new ConfigValue<>(WebConfigKeys.LISTENER_CONTEXT);
    private static final ArrayList<SslContextFactory> k = new ArrayList<>();
    private static final ArrayList<Connector> l = new ArrayList<>();

    public b(ArrayList<ListenerConnector> arrayList) {
        this.g = arrayList;
    }

    public void b() throws IOException {
        int availableProcessors = Runtime.getRuntime().availableProcessors();
        int i2 = availableProcessors / 4;
        int i3 = availableProcessors / 2;
        int max = Math.max(1, Math.min(2, i2));
        int max2 = Math.max(1, Math.min(4, i3));
        int i4 = 0;
        int i5 = 0;
        Iterator<ListenerConnector> it = this.g.iterator();
        while (it.hasNext()) {
            try {
                a(it.next(), max, max2);
                i4 += max;
                i5 += max2;
            } catch (GeneralSecurityException e) {
                throw new IOException(e);
            }
        }
        int intValue = ((Integer) i.get()).intValue() + i4 + i5;
        QueuedThreadPool threadPool = getThreadPool();
        threadPool.setMaxThreads(Math.max(intValue, 2 + i4 + i5));
        threadPool.setIdleTimeout(10000);
        ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection(new ContextHandler[0]);
        GzipHandler gzipHandler = new GzipHandler();
        gzipHandler.addExcludedMimeTypes(new String[]{"application/x-msi", "application/x-apple-diskimage", "application/x-redhat-package", "application/vnd.debian.binary-package", "application/java-archive"});
        gzipHandler.setMinGzipSize(256);
        gzipHandler.addIncludedMethods(new String[]{"GET", "POST"});
        gzipHandler.setHandler(contextHandlerCollection);
        setHandler(gzipHandler);
        final ExpandableServletRequestListener expandableServletRequestListener = new ExpandableServletRequestListener();
        ExpandableHttpSessionListener expandableHttpSessionListener = new ExpandableHttpSessionListener();
        ExpandableServletContextListener expandableServletContextListener = new ExpandableServletContextListener();
        PluginDispatcherServlet pluginDispatcherServlet = new PluginDispatcherServlet();
        ErrorHandler errorHandler = new ErrorHandler() { // from class: com.inet.webserver.b.1
            public boolean errorPageForMethod(String str) {
                return true;
            }

            public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
                Throwable th = (Throwable) httpServletRequest.getAttribute("javax.servlet.error.exception");
                if (th != null) {
                    c.o.error(th);
                }
                super.handle(str, request, httpServletRequest, httpServletResponse);
            }
        };
        errorHandler.setShowStacks(false);
        errorHandler.setShowServlet(false);
        for (AbstractNetworkConnector abstractNetworkConnector : getConnectors()) {
            if (!l.contains(abstractNetworkConnector)) {
                ServletContextHandler servletContextHandler = new ServletContextHandler(1) { // from class: com.inet.webserver.b.2
                    protected void startContext() throws Exception {
                        getServletContext().addListener(expandableServletRequestListener);
                        super.startContext();
                    }
                };
                servletContextHandler.setDisplayName("Jetty");
                servletContextHandler.setContextPath((String) j.get());
                servletContextHandler.getServletContext().setAttribute("javax.servlet.context.tempdir", new File(System.getProperty("java.io.tmpdir")));
                servletContextHandler.setBaseResourceAsPath(Path.of("", new String[0]));
                servletContextHandler.setErrorHandler(errorHandler);
                servletContextHandler.getSessionHandler().setMaxInactiveInterval(1800);
                servletContextHandler.getSessionHandler().getSessionCookieConfig().setHttpOnly(true);
                servletContextHandler.getServletContext().setAttribute("SameSite", c());
                servletContextHandler.getSessionHandler().addEventListener(expandableHttpSessionListener);
                servletContextHandler.addEventListener(expandableServletContextListener);
                JavaxWebSocketServletContainerInitializer.configure(servletContextHandler, (JavaxWebSocketServletContainerInitializer.Configurator) null);
                servletContextHandler.addServlet(new ServletHolder(pluginDispatcherServlet), "/");
                servletContextHandler.setInitParameter("org.eclipse.jetty.session.SessionCookie", "SESSIONID" + abstractNetworkConnector.getPort());
                servletContextHandler.setVirtualHosts(new String[]{"@" + abstractNetworkConnector.getName()});
                contextHandlerCollection.addHandler(servletContextHandler);
            }
        }
        String property = ServerPluginManager.getInstance().getStartProperties().getProperty("clientIP");
        if (property != null) {
            InetAccessHandler inetAccessHandler = new InetAccessHandler() { // from class: com.inet.webserver.b.3
                protected boolean onConditionsNotMet(org.eclipse.jetty.server.Request request, Response response, Callback callback) throws Exception {
                    String str = "Access blocked request from: " + request.getConnectionMetaData().getRemoteSocketAddress();
                    System.out.println(str);
                    c.o.error(str);
                    return super.onConditionsNotMet(request, response, callback);
                }
            };
            inetAccessHandler.include(property.split("[,;]"));
            inetAccessHandler.setHandler(getHandler());
            setHandler(inetAccessHandler);
        }
        setRequestLog(new RequestLog() { // from class: com.inet.webserver.b.4
            public void log(org.eclipse.jetty.server.Request request, Response response) {
                if (c.o.isInfo()) {
                    ConnectionMetaData connectionMetaData = request.getConnectionMetaData();
                    HttpFields headers = request.getHeaders();
                    String str = headers.get(HttpHeader.CONTENT_TYPE);
                    String method = request.getMethod();
                    String asString = request.getHttpURI().asString();
                    if (StringFunctions.isEmpty(method)) {
                        asString = connectionMetaData.getLocalSocketAddress().toString();
                    }
                    if ("POST".equalsIgnoreCase(method)) {
                        String query = request.getHttpURI().getQuery();
                        if (!StringFunctions.isEmpty(query)) {
                            MultiMap multiMap = new MultiMap();
                            UrlEncoded.decodeTo(query, multiMap, (Charset) null);
                            String string = multiMap.getString("method");
                            if (string != null) {
                                asString = asString + "?method=" + EncodingFunctions.encodeUrlParameter(string);
                            }
                        }
                    } else {
                        String query2 = request.getHttpURI().getQuery();
                        if (!StringFunctions.isEmpty(query2)) {
                            asString = asString + "?" + query2;
                        }
                    }
                    String str2 = headers.get("X-Forwarded-For");
                    if (str2 == null) {
                        str2 = connectionMetaData.getRemoteSocketAddress().toString();
                    }
                    c.o.info(str2 + " \"" + method + " " + asString + " " + connectionMetaData.getHttpVersion() + "\" " + response.getStatus() + " " + response.getHeaders().get(HttpHeader.CONTENT_LENGTH) + " \"" + str + "\" \"" + headers.get("user-agent") + "\"");
                }
            }
        });
    }

    @Nonnull
    private static Object c() {
        String str = (String) ConfigKey.COOKIE_SAME_SITE.getCurrent();
        for (HttpCookie.SameSite sameSite : HttpCookie.SameSite.values()) {
            if (sameSite.getAttributeValue().equalsIgnoreCase(str)) {
                return sameSite;
            }
        }
        return HttpCookie.SameSite.LAX;
    }

    private void a(ListenerConnector listenerConnector, int i2, int i3) throws GeneralSecurityException, IOException {
        ServerConnector serverConnector;
        Connector addHttp3Connector;
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setRequestHeaderSize(65536);
        httpConfiguration.setResponseHeaderSize(65536);
        httpConfiguration.setSendServerVersion(false);
        httpConfiguration.setSendXPoweredBy(false);
        httpConfiguration.setUriCompliance(UriCompliance.LEGACY);
        ConnectionFactory httpConnectionFactory = new HttpConnectionFactory(httpConfiguration);
        if (ListenerSettings.CONNECTIONTYPE_SECURE.equals(listenerConnector.getType())) {
            httpConfiguration.addCustomizer(new SecureRequestCustomizer(false));
            f sslCertificateReader = listenerConnector.getSslCertificateReader();
            SslContextFactory.Server server = new SslContextFactory.Server();
            a(server, sslCertificateReader);
            listenerConnector.d(server);
            k.add(server);
            Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
            ConnectionFactory hTTP2ServerConnectionFactory = new HTTP2ServerConnectionFactory(httpConfiguration);
            hTTP2ServerConnectionFactory.setRateControlFactory(new RateControl.Factory() { // from class: com.inet.webserver.b.5
            });
            ConnectionFactory aLPNServerConnectionFactory = new ALPNServerConnectionFactory(new String[0]);
            aLPNServerConnectionFactory.setDefaultProtocol(httpConnectionFactory.getProtocol());
            serverConnector = new ServerConnector(this, i2, i3, new ConnectionFactory[]{new SslConnectionFactory(server, aLPNServerConnectionFactory.getProtocol()), aLPNServerConnectionFactory, hTTP2ServerConnectionFactory, httpConnectionFactory});
            Http3ConnectorFactory http3ConnectorFactory = (Http3ConnectorFactory) ServerPluginManager.getInstance().getOptionalInstance(Http3ConnectorFactory.class);
            if (http3ConnectorFactory != null && (addHttp3Connector = http3ConnectorFactory.addHttp3Connector(this, listenerConnector, httpConfiguration, server)) != null) {
                addHttp3Connector.setName("ServerConnector, on port " + listenerConnector.getPort());
                l.add(addHttp3Connector);
            }
            a((SslContextFactory) server);
        } else {
            serverConnector = new ServerConnector(this, i2, i3, new ConnectionFactory[]{httpConnectionFactory});
        }
        if (System.getProperty("os.name", "").toLowerCase().indexOf("windows") != -1) {
            serverConnector.setReuseAddress(false);
        } else {
            serverConnector.setReuseAddress(true);
        }
        serverConnector.setPort(listenerConnector.getPort());
        serverConnector.setAcceptQueueSize(((Integer) h.get()).intValue());
        String bindAddress = listenerConnector.getBindAddress();
        if (bindAddress != null && bindAddress.length() > 0) {
            serverConnector.setHost(bindAddress);
        }
        serverConnector.setName("ServerConnector, on port " + listenerConnector.getPort());
        addConnector(serverConnector);
    }

    private void a(SslContextFactory sslContextFactory) {
        ForkJoinPool.commonPool().execute(() -> {
            try {
                StringBuilder sb = new StringBuilder();
                sslContextFactory.dump(sb, "");
                sb.delete(0, sb.indexOf("\n", sb.indexOf("\n") + 1) + 1);
                String str = null;
                String[] split = sb.toString().split("\n");
                boolean[] zArr = new boolean[split.length];
                for (int i2 = 0; i2 < split.length; i2++) {
                    String trim = split[i2].replace("|  ", "").replace("+> ", "").trim();
                    int indexOf = trim.indexOf(" - ConfigExcluded:");
                    if (indexOf > 0) {
                        trim = trim.substring(0, indexOf);
                    }
                    int indexOf2 = trim.indexOf(" size=");
                    if (indexOf2 > 0) {
                        String substring = trim.substring(0, indexOf2);
                        zArr[i2] = true;
                        if (str == null) {
                            str = split[i2 - 1];
                            int i3 = i2 - 1;
                            split[i3] = split[i3] + " " + substring.substring(0, indexOf2);
                            zArr[i2 - 1] = true;
                            trim = "";
                        } else {
                            trim = str + " " + substring.substring(0, indexOf2);
                            str = null;
                        }
                    }
                    split[i2] = trim;
                }
                for (int i4 = 0; i4 < split.length; i4++) {
                    if (!zArr[i4]) {
                        split[i4] = "- " + split[i4];
                    }
                }
                ServerPluginManager.getInstance().getStartProperties().setProperty("SSL.Settings", String.join("\n", split).replace("\n\n", "\n"));
            } catch (Throwable th) {
                c.o.error(th);
            }
        });
    }

    @SuppressFBWarnings(value = {"HARD_CODE_PASSWORD"}, justification = "only in memeory password")
    private static void a(SslContextFactory sslContextFactory, f fVar) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, "jetty".toCharArray());
        Collection<? extends Certificate> certificates = fVar.getCertificates();
        c.o.debug("Count of certificates: " + certificates.size());
        String str = null;
        for (Certificate certificate : certificates) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            String str2 = x509Certificate.getSerialNumber() + "-" + Math.abs(x509Certificate.getIssuerX500Principal().hashCode());
            c.o.debug("Certificate for alias: " + str2 + ":\n" + certificate);
            keyStore.setCertificateEntry(str2, certificate);
            if (str == null) {
                str = str2;
            }
        }
        RSAPrivateKey l2 = fVar.l();
        c.o.debug("Privatekey: " + l2.getAlgorithm() + ", " + l2.getFormat());
        keyStore.setKeyEntry(str, l2, "jetty".toCharArray(), (Certificate[]) certificates.toArray(new Certificate[certificates.size()]));
        String property = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (property == null) {
            property = "SunX509";
        }
        c.o.debug("ssl.KeyManagerFactory.algorithm: " + property);
        KeyManagerFactory.getInstance(property).init(keyStore, "jetty".toCharArray());
        sslContextFactory.setKeyStore(keyStore);
        sslContextFactory.setKeyStorePassword("jetty");
        sslContextFactory.setKeyManagerPassword("jetty");
        sslContextFactory.setTrustAll(true);
        sslContextFactory.setCipherComparator(HTTP2Cipher.COMPARATOR);
        com.inet.webserver.internal.b.W.a(certificates);
    }

    public static void a(f fVar) throws Exception {
        Iterator<SslContextFactory> it = k.iterator();
        while (it.hasNext()) {
            SslContextFactory next = it.next();
            a(next, fVar);
            next.reload(sslContextFactory -> {
            });
        }
        Iterator<Connector> it2 = l.iterator();
        while (it2.hasNext()) {
            Connector next2 = it2.next();
            next2.stop();
            next2.start();
        }
    }

    public boolean handle(org.eclipse.jetty.server.Request request, Response response, Callback callback) throws Exception {
        LogID.reset();
        LogID.ignoreNextReset();
        return super.handle(request, response, callback);
    }

    public void d() throws Exception {
        start();
    }

    public void e() throws Exception {
        stop();
        k.clear();
        l.clear();
    }
}
