package com.liferay.sync.engine.lan.server.file;

import com.liferay.sync.engine.lan.util.LanClientUtil;
import com.liferay.sync.engine.lan.util.LanPEMParserUtil;
import com.liferay.sync.engine.model.SyncAccount;
import com.liferay.sync.engine.service.SyncAccountService;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelPipeline;
import io.netty.channel.socket.SocketChannel;
import io.netty.handler.codec.http.HttpObjectAggregator;
import io.netty.handler.codec.http.HttpServerCodec;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SniHandler;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import io.netty.handler.stream.ChunkedWriteHandler;
import io.netty.util.DomainNameMapping;
import io.netty.util.DomainNameMappingBuilder;
import java.security.cert.X509Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/liferay/sync/engine/lan/server/file/LanFileServerInitializer.class */
public class LanFileServerInitializer extends ChannelInitializer<SocketChannel> {
    private static final Logger _logger = LoggerFactory.getLogger((Class<?>) LanFileServerInitializer.class);
    private DomainNameMapping<SslContext> _domainNameMapping;
    private final SyncTrafficShapingHandler _syncTrafficShapingHandler;

    public LanFileServerInitializer(SyncTrafficShapingHandler syncTrafficShapingHandler) {
        this._syncTrafficShapingHandler = syncTrafficShapingHandler;
        updateDomainNameMapping();
    }

    @Override // io.netty.channel.ChannelInitializer
    public void initChannel(SocketChannel socketChannel) {
        ChannelPipeline pipeline = socketChannel.pipeline();
        if (this._domainNameMapping != null) {
            pipeline.addLast(new SniHandler((DomainNameMapping<? extends SslContext>) this._domainNameMapping));
        }
        pipeline.addLast(new HttpServerCodec());
        pipeline.addLast(new HttpObjectAggregator(65536));
        pipeline.addLast(this._syncTrafficShapingHandler);
        pipeline.addLast(new ChunkedWriteHandler());
        pipeline.addLast(new LanFileServerHandler(this._syncTrafficShapingHandler));
    }

    public void updateDomainNameMapping() {
        DomainNameMappingBuilder domainNameMappingBuilder = null;
        for (SyncAccount syncAccount : SyncAccountService.findAll()) {
            if (syncAccount.isActive() && syncAccount.isLanEnabled()) {
                try {
                    X509Certificate parseX509Certificate = LanPEMParserUtil.parseX509Certificate(syncAccount.getLanCertificate());
                    SslContextBuilder forServer = SslContextBuilder.forServer(LanPEMParserUtil.parsePrivateKey(syncAccount.getLanKey()), parseX509Certificate);
                    forServer.clientAuth(ClientAuth.REQUIRE);
                    forServer.sslProvider(SslProvider.JDK);
                    forServer.trustManager(parseX509Certificate);
                    SslContext build = forServer.build();
                    if (domainNameMappingBuilder == null) {
                        domainNameMappingBuilder = new DomainNameMappingBuilder(build);
                    }
                    domainNameMappingBuilder.add(LanClientUtil.getSNIHostname(syncAccount.getLanServerUuid()), build);
                } catch (Exception e) {
                    _logger.error(e.getMessage(), (Throwable) e);
                }
            }
        }
        if (domainNameMappingBuilder == null) {
            return;
        }
        this._domainNameMapping = domainNameMappingBuilder.build();
    }
}
