package org.openehealth.ipf.commons.audit.protocol;

import java.io.IOException;
import java.io.OutputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.net.SocketException;
import java.net.SocketTimeoutException;
import java.nio.charset.StandardCharsets;
import java.util.Objects;
import java.util.concurrent.atomic.AtomicReference;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.openehealth.ipf.commons.audit.AuditContext;
import org.openehealth.ipf.commons.audit.AuditException;
import org.openehealth.ipf.commons.audit.AuditMetadataProvider;
import org.openehealth.ipf.commons.audit.TlsParameters;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/openehealth/ipf/commons/audit/protocol/TLSSyslogSenderImpl.class */
public class TLSSyslogSenderImpl extends RFC5424Protocol implements AuditTransmissionProtocol {
    private static final int MIN_SO_TIMEOUT = 1;
    private final AtomicReference<Socket> socket;
    private final SocketFactory socketFactory;
    private final SocketTestPolicy socketTestPolicy;
    private static final Logger LOG = LoggerFactory.getLogger(TLSSyslogSenderImpl.class);
    private static final Boolean DEFAULT_SOCKET_KEEPALIVE = Boolean.TRUE;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/openehealth/ipf/commons/audit/protocol/TLSSyslogSenderImpl$FastSocketException.class */
    public static class FastSocketException extends SocketException {
        private static final long serialVersionUID = 1;

        public FastSocketException(String str) {
            super(str);
        }

        @Override // java.lang.Throwable
        public Throwable fillInStackTrace() {
            return null;
        }
    }

    /* loaded from: input_file:org/openehealth/ipf/commons/audit/protocol/TLSSyslogSenderImpl$SocketTestPolicy.class */
    public enum SocketTestPolicy {
        DONT_TEST_POLICY(false, false),
        TEST_BEFORE_WRITE(true, false),
        TEST_AFTER_WRITE(false, true),
        TEST_BEFORE_AND_AFTER_WRITE(true, true);

        private final boolean beforeWrite;
        private final boolean afterWrite;

        SocketTestPolicy(boolean z, boolean z2) {
            this.beforeWrite = z;
            this.afterWrite = z2;
        }

        public boolean isBeforeWrite() {
            return this.beforeWrite;
        }

        public boolean isAfterWrite() {
            return this.afterWrite;
        }
    }

    public TLSSyslogSenderImpl() {
        this(SocketTestPolicy.TEST_BEFORE_WRITE);
    }

    public TLSSyslogSenderImpl(SocketTestPolicy socketTestPolicy) {
        this.socket = new AtomicReference<>();
        this.socketFactory = SSLSocketFactory.getDefault();
        this.socketTestPolicy = socketTestPolicy;
    }

    public TLSSyslogSenderImpl(TlsParameters tlsParameters) {
        this(tlsParameters.getSSLSocketFactory(), SocketTestPolicy.TEST_BEFORE_WRITE);
    }

    public TLSSyslogSenderImpl(SSLSocketFactory sSLSocketFactory, SocketTestPolicy socketTestPolicy) {
        this.socket = new AtomicReference<>();
        this.socketFactory = sSLSocketFactory;
        this.socketTestPolicy = socketTestPolicy;
    }

    public TLSSyslogSenderImpl(TlsParameters tlsParameters, SocketTestPolicy socketTestPolicy) {
        this(tlsParameters.getSSLSocketFactory(), socketTestPolicy);
    }

    @Override // org.openehealth.ipf.commons.audit.protocol.AuditTransmissionProtocol
    public String getTransportName() {
        return AuditTransmissionChannel.TLS.getProtocolName();
    }

    private Socket getSocket(AuditContext auditContext) {
        if (this.socket.get() == null) {
            this.socket.compareAndSet(null, getTLSSocket(auditContext));
        }
        return this.socket.get();
    }

    @Override // org.openehealth.ipf.commons.audit.protocol.AuditTransmissionProtocol
    public void send(AuditContext auditContext, AuditMetadataProvider auditMetadataProvider, String str) throws Exception {
        if (str != null) {
            byte[] transportPayload = getTransportPayload(auditMetadataProvider, str);
            byte[] bytes = String.format("%d ", Integer.valueOf(transportPayload.length)).getBytes();
            LOG.debug("Auditing to {}:{}", auditContext.getAuditRepositoryHostName(), Integer.valueOf(auditContext.getAuditRepositoryPort()));
            if (LOG.isTraceEnabled()) {
                LOG.trace(new String(transportPayload, StandardCharsets.UTF_8));
            }
            try {
                doSend(auditContext, bytes, transportPayload);
            } catch (SocketException | SocketTimeoutException e) {
                try {
                    LOG.info("Failed to use existing TLS socket. Will create a new connection and retry.");
                    closeSocket(this.socket.get());
                    this.socket.set(null);
                    doSend(auditContext, bytes, transportPayload);
                } catch (Exception e2) {
                    LOG.error("Failed to audit using new TLS socket, giving up - this audit message will be lost.");
                    closeSocket(this.socket.get());
                    this.socket.set(null);
                    throw e2;
                }
            }
        }
    }

    @Override // org.openehealth.ipf.commons.audit.protocol.AuditTransmissionProtocol
    public void shutdown() {
        if (this.socket.get() != null) {
            closeSocket(this.socket.get());
        }
    }

    private synchronized void doSend(AuditContext auditContext, byte[] bArr, byte[] bArr2) throws IOException {
        Socket socket = getSocket(auditContext);
        if (this.socketTestPolicy.isBeforeWrite()) {
            LOG.trace("Testing whether socket connection is alive and well before attempting to write");
            if (!isSocketConnectionAlive(socket)) {
                closeSocket(socket);
                throw new FastSocketException("Read-test before write operation determined that the socket connection is dead");
            }
            LOG.debug("Socket connection is confirmed to be alive.");
        }
        LOG.trace("Now writing out ATNA record");
        OutputStream outputStream = socket.getOutputStream();
        outputStream.write(bArr);
        outputStream.write(bArr2);
        outputStream.flush();
        LOG.debug("ATNA record has been written ({} bytes)", Integer.valueOf(bArr.length + bArr2.length));
        if (this.socketTestPolicy.isAfterWrite()) {
            LOG.trace("Testing whether socket connection is alive and well after write to confirm the write operation");
            if (isSocketConnectionAlive(socket)) {
                LOG.debug("Socket connection is confirmed alive. Assuming write operation has succeeded");
            } else {
                closeSocket(socket);
                throw new FastSocketException("Read-test after write operation determined that the socket connection is dead");
            }
        }
    }

    private Socket getTLSSocket(AuditContext auditContext) {
        InetAddress auditRepositoryAddress = auditContext.getAuditRepositoryAddress();
        try {
            SSLSocket sSLSocket = (SSLSocket) this.socketFactory.createSocket(auditRepositoryAddress, auditContext.getAuditRepositoryPort());
            setSocketOptions(sSLSocket);
            if (this.socketTestPolicy != SocketTestPolicy.DONT_TEST_POLICY) {
                sSLSocket.startHandshake();
                sSLSocket.setSoTimeout(MIN_SO_TIMEOUT);
            }
            return sSLSocket;
        } catch (IOException e) {
            throw new AuditException(String.format("Could not establish TLS connection to %s:%d (%s)", auditContext.getAuditRepositoryHostName(), Integer.valueOf(auditContext.getAuditRepositoryPort()), auditRepositoryAddress.getHostAddress()), e);
        }
    }

    protected void setSocketOptions(Socket socket) throws SocketException {
        Objects.requireNonNull(socket);
        socket.setKeepAlive(DEFAULT_SOCKET_KEEPALIVE.booleanValue());
    }

    private boolean isSocketConnectionAlive(Socket socket) {
        boolean z;
        try {
        } catch (SocketTimeoutException e) {
            LOG.debug("Socket read timed out; assuming the connection is still alive.");
            z = MIN_SO_TIMEOUT;
        } catch (IOException e2) {
            LOG.warn("Socket read failed for non-timeout reason; assuming the connection is dead.");
            z = false;
        }
        if (socket.getSoTimeout() <= 0) {
            throw new IllegalStateException("Test requires an SO_TIMEOUT greater than zero set on the socket.");
        }
        int read = socket.getInputStream().read();
        if (read > -1) {
            LOG.warn("Socket test was able to read a byte from the socket other than the 'stream closed' value of -1. This should never happen since SYSLOG is a simplex (write only) protocol! Byte value read from stream: {}", Integer.valueOf(read));
            z = MIN_SO_TIMEOUT;
        } else {
            LOG.debug("Socket test read '-1' -> connection closed by server.");
            z = false;
        }
        return z;
    }

    private void closeSocket(Socket socket) {
        if (socket == null || socket.isClosed()) {
            return;
        }
        try {
            socket.close();
        } catch (IOException e) {
            LOG.debug("Failed to close pre-existing socket. As we are either shutting down or are in the process of replacing the socket this is not really a worry... Message: {}", e.getMessage());
        }
    }
}
