package org.apache.catalina.tribes.membership.cloud;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.URLConnection;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.catalina.tribes.util.StringManager;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;

/* loaded from: input_file:BOOT-INF/lib/tomcat-tribes-9.0.46.jar:org/apache/catalina/tribes/membership/cloud/AbstractStreamProvider.class */
public abstract class AbstractStreamProvider implements StreamProvider {
    private static final Log log = LogFactory.getLog((Class<?>) AbstractStreamProvider.class);
    protected static final StringManager sm = StringManager.getManager((Class<?>) AbstractStreamProvider.class);
    protected static final TrustManager[] INSECURE_TRUST_MANAGERS = {new X509TrustManager() { // from class: org.apache.catalina.tribes.membership.cloud.AbstractStreamProvider.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }};

    protected abstract SSLSocketFactory getSocketFactory();

    public URLConnection openConnection(String str, Map<String, String> map, int i, int i2) throws IOException {
        if (log.isDebugEnabled()) {
            log.debug(String.format("%s opening connection: url [%s], headers [%s], connectTimeout [%s], readTimeout [%s]", getClass().getSimpleName(), str, map, Integer.toString(i), Integer.toString(i2)));
        }
        URLConnection openConnection = new URL(str).openConnection();
        if (map != null) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                openConnection.addRequestProperty(entry.getKey(), entry.getValue());
            }
        }
        if (i < 0 || i2 < 0) {
            throw new IllegalArgumentException(String.format("Neither connectTimeout [%s] nor readTimeout [%s] can be less than 0 for URLConnection.", Integer.toString(i), Integer.toString(i2)));
        }
        openConnection.setConnectTimeout(i);
        openConnection.setReadTimeout(i2);
        return openConnection;
    }

    @Override // org.apache.catalina.tribes.membership.cloud.StreamProvider
    public InputStream openStream(String str, Map<String, String> map, int i, int i2) throws IOException {
        URLConnection openConnection = openConnection(str, map, i, i2);
        if (openConnection instanceof HttpsURLConnection) {
            ((HttpsURLConnection) openConnection).setSSLSocketFactory(getSocketFactory());
            if (log.isDebugEnabled()) {
                log.debug(String.format("Using HttpsURLConnection with SSLSocketFactory [%s] for url [%s].", getSocketFactory(), str));
            }
        } else if (log.isDebugEnabled()) {
            log.debug(String.format("Using URLConnection for url [%s].", str));
        }
        return openConnection.getInputStream();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static TrustManager[] configureCaCert(String str) throws Exception {
        if (str == null) {
            log.warn(sm.getString("abstractStream.CACertUndefined"));
            return InsecureStreamProvider.INSECURE_TRUST_MANAGERS;
        }
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(str));
            Throwable th = null;
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X509");
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null);
                Iterator<? extends Certificate> it = certificateFactory.generateCertificates(bufferedInputStream).iterator();
                while (it.hasNext()) {
                    X509Certificate x509Certificate = (X509Certificate) it.next();
                    keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
                }
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                if (bufferedInputStream != null) {
                    if (0 != 0) {
                        try {
                            bufferedInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        bufferedInputStream.close();
                    }
                }
                return trustManagers;
            } catch (Throwable th3) {
                if (bufferedInputStream != null) {
                    if (0 != 0) {
                        try {
                            bufferedInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        bufferedInputStream.close();
                    }
                }
                throw th3;
            }
        } catch (FileNotFoundException e) {
            log.error(sm.getString("abstractStream.fileNotFound", str));
            throw e;
        } catch (Exception e2) {
            log.error(sm.getString("abstractStream.trustManagerError", str));
            throw e2;
        }
    }
}
