package org.mule.api.security.tls;

import com.google.common.base.Joiner;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import org.mule.util.ArrayUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/mule-core-3.4.5-SNAPSHOT.jar:org/mule/api/security/tls/RestrictedSSLServerSocketFactory.class */
public class RestrictedSSLServerSocketFactory extends SSLServerSocketFactory {
    private static final Logger logger = LoggerFactory.getLogger(RestrictedSSLServerSocketFactory.class);
    private final SSLServerSocketFactory sslServerSocketFactory;
    private final String[] enabledCipherSuites;
    private final String[] enabledProtocols;
    private final String[] defaultCipherSuites;

    public RestrictedSSLServerSocketFactory(SSLContext sSLContext, String[] strArr, String[] strArr2) {
        this.sslServerSocketFactory = sSLContext.getServerSocketFactory();
        strArr = strArr == null ? this.sslServerSocketFactory.getDefaultCipherSuites() : strArr;
        this.enabledCipherSuites = ArrayUtils.intersection(strArr, this.sslServerSocketFactory.getSupportedCipherSuites());
        this.defaultCipherSuites = ArrayUtils.intersection(strArr, this.sslServerSocketFactory.getDefaultCipherSuites());
        strArr2 = strArr2 == null ? sSLContext.getDefaultSSLParameters().getProtocols() : strArr2;
        this.enabledProtocols = ArrayUtils.intersection(strArr2, sSLContext.getSupportedSSLParameters().getProtocols());
        if (this.enabledProtocols.length != strArr2.length) {
            logger.warn("Current context supports less SSL protocols than configured. Only the following are enabled: [{}]", Joiner.on(", ").join(this.enabledProtocols));
        }
    }

    @Override // javax.net.ServerSocketFactory
    public ServerSocket createServerSocket() throws IOException {
        return restrictCipherSuites((SSLServerSocket) this.sslServerSocketFactory.createServerSocket());
    }

    @Override // javax.net.ServerSocketFactory
    public ServerSocket createServerSocket(int i) throws IOException {
        return restrictCipherSuites((SSLServerSocket) this.sslServerSocketFactory.createServerSocket(i));
    }

    @Override // javax.net.ServerSocketFactory
    public ServerSocket createServerSocket(int i, int i2) throws IOException {
        return restrictCipherSuites((SSLServerSocket) this.sslServerSocketFactory.createServerSocket(i, i2));
    }

    @Override // javax.net.ServerSocketFactory
    public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
        return restrictCipherSuites((SSLServerSocket) this.sslServerSocketFactory.createServerSocket(i, i2, inetAddress));
    }

    @Override // javax.net.ssl.SSLServerSocketFactory
    public String[] getDefaultCipherSuites() {
        return this.defaultCipherSuites;
    }

    @Override // javax.net.ssl.SSLServerSocketFactory
    public String[] getSupportedCipherSuites() {
        return this.enabledCipherSuites;
    }

    private SSLServerSocket restrictCipherSuites(SSLServerSocket sSLServerSocket) {
        sSLServerSocket.setEnabledCipherSuites(this.enabledCipherSuites);
        sSLServerSocket.setEnabledProtocols(this.enabledProtocols);
        return sSLServerSocket;
    }
}
