package io.ktor.server.netty;

import io.ktor.server.engine.ApplicationEngineEnvironmentReloading;
import io.ktor.server.engine.EngineConnectorConfig;
import io.ktor.server.engine.EnginePipeline;
import io.ktor.server.engine.EngineSSLConnectorConfig;
import io.ktor.server.netty.http1.NettyHttp1Handler;
import io.ktor.server.netty.http2.NettyHttp2Handler;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelPipeline;
import io.netty.channel.EventLoopGroup;
import io.netty.channel.socket.SocketChannel;
import io.netty.handler.codec.http.HttpServerCodec;
import io.netty.handler.codec.http.HttpServerExpectContinueHandler;
import io.netty.handler.codec.http2.Http2MultiplexCodecBuilder;
import io.netty.handler.codec.http2.Http2SecurityUtil;
import io.netty.handler.codec.rtsp.RtspHeaders;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ApplicationProtocolNames;
import io.netty.handler.ssl.ApplicationProtocolNegotiationHandler;
import io.netty.handler.ssl.OpenSslSessionTicketKey;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslProvider;
import io.netty.handler.ssl.SupportedCipherSuiteFilter;
import io.netty.handler.timeout.ReadTimeoutHandler;
import io.netty.handler.timeout.WriteTimeoutHandler;
import io.netty.util.concurrent.Future;
import io.netty.util.concurrent.GenericFutureListener;
import java.nio.channels.ClosedChannelException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLEngine;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.ArraysKt;
import kotlin.collections.CollectionsKt;
import kotlin.coroutines.CoroutineContext;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;
import kotlinx.coroutines.ExecutorCoroutineDispatcher;

/* compiled from: NettyChannelInitializer.kt */
@Metadata(d1 = {"\u0000\u0010\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\u0018\u00002\b\u0012\u0004\u0012\u00020\u00020\u0001:\u0002\u0003\u0004¨\u0006\u0005"}, d2 = {"Lio/ktor/server/netty/NettyChannelInitializer;", "Lio/netty/channel/ChannelInitializer;", "Lio/netty/channel/socket/SocketChannel;", "Companion", "NegotiatedPipelineInitializer", "ktor-server-netty"}, k = 1, mv = {1, 8, 0}, xi = OpenSslSessionTicketKey.TICKET_KEY_SIZE)
/* loaded from: classes5.dex */
public final class NettyChannelInitializer extends ChannelInitializer<SocketChannel> {
    public static final Companion i2 = new Companion();
    public static final Lazy<SslProvider> u7 = LazyKt.b(new Function0<SslProvider>() { // from class: io.ktor.server.netty.NettyChannelInitializer$Companion$alpnProvider$2
        @Override // kotlin.jvm.functions.Function0
        public final SslProvider invoke() {
            SslProvider sslProvider;
            NettyChannelInitializer.i2.getClass();
            try {
                SslProvider sslProvider2 = SslProvider.OPENSSL;
                if (SslProvider.isAlpnSupported(sslProvider2)) {
                    return sslProvider2;
                }
            } catch (Throwable unused) {
            }
            try {
                sslProvider = SslProvider.JDK;
            } catch (Throwable unused2) {
            }
            if (SslProvider.isAlpnSupported(sslProvider)) {
                return sslProvider;
            }
            return null;
        }
    });
    public final int X;
    public final Function0<HttpServerCodec> Y;
    public final Function1<ChannelPipeline, Unit> Z;

    /* renamed from: a, reason: collision with root package name */
    public final EnginePipeline f31897a;

    /* renamed from: b, reason: collision with root package name */
    public final ApplicationEngineEnvironmentReloading f31898b;
    public final EventLoopGroup c;

    /* renamed from: d, reason: collision with root package name */
    public final ExecutorCoroutineDispatcher f31899d;
    public final CoroutineContext e;
    public final EngineConnectorConfig f;
    public final int i;
    public final SslContext i1;
    public final int n;

    /* compiled from: NettyChannelInitializer.kt */
    @Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\b\u0086\u0003\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0002\u0010\u0003¨\u0006\u0004"}, d2 = {"Lio/ktor/server/netty/NettyChannelInitializer$Companion;", "", "<init>", "()V", "ktor-server-netty"}, k = 1, mv = {1, 8, 0}, xi = OpenSslSessionTicketKey.TICKET_KEY_SIZE)
    /* loaded from: classes5.dex */
    public static final class Companion {
    }

    /* compiled from: NettyChannelInitializer.kt */
    @Metadata(d1 = {"\u0000\n\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\b\u0082\u0004\u0018\u00002\u00020\u0001¨\u0006\u0002"}, d2 = {"Lio/ktor/server/netty/NettyChannelInitializer$NegotiatedPipelineInitializer;", "Lio/netty/handler/ssl/ApplicationProtocolNegotiationHandler;", "ktor-server-netty"}, k = 1, mv = {1, 8, 0}, xi = OpenSslSessionTicketKey.TICKET_KEY_SIZE)
    /* loaded from: classes5.dex */
    public final class NegotiatedPipelineInitializer extends ApplicationProtocolNegotiationHandler {
        public NegotiatedPipelineInitializer() {
            super(ApplicationProtocolNames.HTTP_1_1);
        }

        @Override // io.netty.handler.ssl.ApplicationProtocolNegotiationHandler
        public final void configurePipeline(ChannelHandlerContext ctx, String protocol) {
            Intrinsics.g(ctx, "ctx");
            Intrinsics.g(protocol, "protocol");
            ChannelPipeline pipeline = ctx.pipeline();
            Intrinsics.f(pipeline, "ctx.pipeline()");
            Companion companion = NettyChannelInitializer.i2;
            NettyChannelInitializer.this.a(pipeline, protocol);
        }

        @Override // io.netty.handler.ssl.ApplicationProtocolNegotiationHandler
        public final void handshakeFailure(ChannelHandlerContext ctx, Throwable th) {
            Intrinsics.g(ctx, "ctx");
            if (th instanceof ClosedChannelException) {
                ctx.close();
            } else {
                super.handshakeFailure(ctx, th);
            }
        }
    }

    public NettyChannelInitializer(EnginePipeline enginePipeline, ApplicationEngineEnvironmentReloading environment, EventLoopGroup callEventGroup, ExecutorCoroutineDispatcher engineContext, CoroutineContext userContext, EngineConnectorConfig connector, int i, int i3, int i4, Function0 httpServerCodec, Function1 channelPipelineConfig) {
        Intrinsics.g(enginePipeline, "enginePipeline");
        Intrinsics.g(environment, "environment");
        Intrinsics.g(callEventGroup, "callEventGroup");
        Intrinsics.g(engineContext, "engineContext");
        Intrinsics.g(userContext, "userContext");
        Intrinsics.g(connector, "connector");
        Intrinsics.g(httpServerCodec, "httpServerCodec");
        Intrinsics.g(channelPipelineConfig, "channelPipelineConfig");
        this.f31897a = enginePipeline;
        this.f31898b = environment;
        this.c = callEventGroup;
        this.f31899d = engineContext;
        this.e = userContext;
        this.f = connector;
        this.i = i;
        this.n = i3;
        this.X = i4;
        this.Y = httpServerCodec;
        this.Z = channelPipelineConfig;
        if (connector instanceof EngineSSLConnectorConfig) {
            EngineSSLConnectorConfig engineSSLConnectorConfig = (EngineSSLConnectorConfig) connector;
            Certificate[] certificateChain = engineSSLConnectorConfig.b().getCertificateChain(engineSSLConnectorConfig.a());
            Intrinsics.f(certificateChain, "connector.keyStore.getCe…Chain(connector.keyAlias)");
            List c0 = ArraysKt.c0(certificateChain);
            Intrinsics.e(c0, "null cannot be cast to non-null type kotlin.collections.List<java.security.cert.X509Certificate>");
            X509Certificate[] x509CertificateArr = (X509Certificate[]) CollectionsKt.w0(c0).toArray(new X509Certificate[0]);
            char[] invoke = engineSSLConnectorConfig.e().invoke();
            Key key = engineSSLConnectorConfig.b().getKey(engineSSLConnectorConfig.a(), invoke);
            Intrinsics.e(key, "null cannot be cast to non-null type java.security.PrivateKey");
            Arrays.fill(invoke, 0, invoke.length, (char) 0);
            SslContextBuilder forServer = SslContextBuilder.forServer((PrivateKey) key, (X509Certificate[]) Arrays.copyOf(x509CertificateArr, x509CertificateArr.length));
            i2.getClass();
            Lazy<SslProvider> lazy = u7;
            if (lazy.getValue() != null) {
                forServer.sslProvider(lazy.getValue());
                forServer.ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE);
                forServer.applicationProtocolConfig(new ApplicationProtocolConfig(ApplicationProtocolConfig.Protocol.ALPN, ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE, ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT, ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1));
            }
            engineSSLConnectorConfig.c();
            engineSSLConnectorConfig.d();
            this.i1 = forServer.build();
        }
    }

    public final void a(ChannelPipeline channelPipeline, String str) {
        boolean equals = str.equals(ApplicationProtocolNames.HTTP_2);
        Function1<ChannelPipeline, Unit> function1 = this.Z;
        ApplicationEngineEnvironmentReloading applicationEngineEnvironmentReloading = this.f31898b;
        if (equals) {
            NettyHttp2Handler nettyHttp2Handler = new NettyHttp2Handler(this.f31897a, applicationEngineEnvironmentReloading.e(), this.c, this.e, this.i);
            channelPipeline.addLast(Http2MultiplexCodecBuilder.forServer(nettyHttp2Handler).build());
            channelPipeline.channel().closeFuture().addListener((GenericFutureListener<? extends Future<? super Void>>) new b(nettyHttp2Handler, 0));
            ((NettyApplicationEngine$Configuration$channelPipelineConfig$1) function1).invoke(channelPipeline);
            return;
        }
        if (!str.equals(ApplicationProtocolNames.HTTP_1_1)) {
            applicationEngineEnvironmentReloading.f31638b.error("Unsupported protocol ".concat(str));
            channelPipeline.close();
            return;
        }
        NettyHttp1Handler nettyHttp1Handler = new NettyHttp1Handler(this.f31897a, this.f31898b, this.c, this.f31899d, this.e, this.i);
        int i = this.X;
        if (i > 0) {
            channelPipeline.addLast("readTimeout", new ReadTimeoutHandler(i));
        }
        channelPipeline.addLast("codec", (ChannelHandler) ((NettyApplicationEngine$Configuration$httpServerCodec$1) this.Y).invoke());
        channelPipeline.addLast("continue", new HttpServerExpectContinueHandler());
        channelPipeline.addLast(RtspHeaders.Values.TIMEOUT, new WriteTimeoutHandler(this.n));
        channelPipeline.addLast("http1", nettyHttp1Handler);
        ((NettyApplicationEngine$Configuration$channelPipelineConfig$1) function1).invoke(channelPipeline);
        channelPipeline.context("codec").fireChannelActive();
    }

    @Override // io.netty.channel.ChannelInitializer
    public final void initChannel(SocketChannel socketChannel) {
        SocketChannel ch = socketChannel;
        Intrinsics.g(ch, "ch");
        ChannelPipeline pipeline = ch.pipeline();
        EngineConnectorConfig engineConnectorConfig = this.f;
        if (!(engineConnectorConfig instanceof EngineSSLConnectorConfig)) {
            Intrinsics.f(pipeline, "this");
            a(pipeline, ApplicationProtocolNames.HTTP_1_1);
            return;
        }
        SslContext sslContext = this.i1;
        Intrinsics.d(sslContext);
        SSLEngine newEngine = sslContext.newEngine(ch.alloc());
        EngineSSLConnectorConfig engineSSLConnectorConfig = (EngineSSLConnectorConfig) engineConnectorConfig;
        engineSSLConnectorConfig.c();
        engineSSLConnectorConfig.d();
        engineSSLConnectorConfig.f();
        pipeline.addLast("ssl", new SslHandler(newEngine));
        i2.getClass();
        if (u7.getValue() != null) {
            pipeline.addLast(new NegotiatedPipelineInitializer());
        } else {
            a(pipeline, ApplicationProtocolNames.HTTP_1_1);
        }
    }
}
