package com.amazon.opendistroforelasticsearch.security.ssl.http.netty;

import com.amazon.opendistroforelasticsearch.security.ssl.OpenDistroSecurityKeyStore;
import com.amazon.opendistroforelasticsearch.security.ssl.SslExceptionHandler;
import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.handler.codec.DecoderException;
import io.netty.handler.ssl.SslHandler;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.elasticsearch.common.network.NetworkService;
import org.elasticsearch.common.settings.ClusterSettings;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.BigArrays;
import org.elasticsearch.common.xcontent.NamedXContentRegistry;
import org.elasticsearch.http.HttpChannel;
import org.elasticsearch.http.HttpHandlingSettings;
import org.elasticsearch.http.netty4.Netty4HttpServerTransport;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.transport.SharedGroupFactory;

/* loaded from: input_file:com/amazon/opendistroforelasticsearch/security/ssl/http/netty/OpenDistroSecuritySSLNettyHttpServerTransport.class */
public class OpenDistroSecuritySSLNettyHttpServerTransport extends Netty4HttpServerTransport {
    private static final Logger logger = LogManager.getLogger(OpenDistroSecuritySSLNettyHttpServerTransport.class);
    private final OpenDistroSecurityKeyStore odsks;
    private final SslExceptionHandler errorHandler;

    /* loaded from: input_file:com/amazon/opendistroforelasticsearch/security/ssl/http/netty/OpenDistroSecuritySSLNettyHttpServerTransport$SSLHttpChannelHandler.class */
    protected class SSLHttpChannelHandler extends Netty4HttpServerTransport.HttpChannelHandler {
        protected SSLHttpChannelHandler(Netty4HttpServerTransport netty4HttpServerTransport, HttpHandlingSettings httpHandlingSettings, OpenDistroSecurityKeyStore openDistroSecurityKeyStore) {
            super(netty4HttpServerTransport, httpHandlingSettings);
        }

        protected void initChannel(Channel channel) throws Exception {
            super.initChannel(channel);
            channel.pipeline().addFirst("ssl_http", new SslHandler(OpenDistroSecuritySSLNettyHttpServerTransport.this.odsks.createHTTPSSLEngine()));
        }
    }

    public OpenDistroSecuritySSLNettyHttpServerTransport(Settings settings, NetworkService networkService, BigArrays bigArrays, ThreadPool threadPool, OpenDistroSecurityKeyStore openDistroSecurityKeyStore, NamedXContentRegistry namedXContentRegistry, ValidatingDispatcher validatingDispatcher, SslExceptionHandler sslExceptionHandler, ClusterSettings clusterSettings, SharedGroupFactory sharedGroupFactory) {
        super(settings, networkService, bigArrays, threadPool, namedXContentRegistry, validatingDispatcher, clusterSettings, sharedGroupFactory);
        this.odsks = openDistroSecurityKeyStore;
        this.errorHandler = sslExceptionHandler;
    }

    public ChannelHandler configureServerChannelHandler() {
        return new SSLHttpChannelHandler(this, this.handlingSettings, this.odsks);
    }

    public void onException(HttpChannel httpChannel, Exception exc) {
        Exception exc2 = exc;
        if ((exc instanceof DecoderException) && exc != null) {
            exc2 = exc.getCause();
        }
        this.errorHandler.logError(exc2, true);
        logger.error("Exception during establishing a SSL connection: " + exc2, exc2);
        super.onException(httpChannel, exc);
    }
}
