package com.atlassian.elasticsearch.buckler;

import com.atlassian.elasticsearch.buckler.config.BucklerConfig;
import com.atlassian.elasticsearch.buckler.config.TlsConfig;
import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelPipeline;
import org.elasticsearch.common.inject.Inject;
import org.elasticsearch.common.io.stream.NamedWriteableRegistry;
import org.elasticsearch.common.network.NetworkService;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.util.BigArrays;
import org.elasticsearch.indices.breaker.CircuitBreakerService;
import org.elasticsearch.threadpool.ThreadPool;
import org.elasticsearch.transport.netty4.Netty4Transport;

/* loaded from: input_file:com/atlassian/elasticsearch/buckler/SecureTransport.class */
public class SecureTransport extends Netty4Transport {
    private final BucklerConfig config;

    /* loaded from: input_file:com/atlassian/elasticsearch/buckler/SecureTransport$TlsClientChannelPipelineFactory.class */
    private class TlsClientChannelPipelineFactory extends Netty4Transport.ClientChannelInitializer {
        private final BucklerConfig config;

        public TlsClientChannelPipelineFactory(Netty4Transport netty4Transport, BucklerConfig bucklerConfig) {
            super(SecureTransport.this);
            this.config = bucklerConfig;
        }

        protected void initChannel(Channel channel) throws Exception {
            ChannelPipeline pipeline = channel.pipeline();
            TlsConfig tlsConfig = this.config.getTlsConfig();
            if (tlsConfig.isEnabledForTcp()) {
                pipeline.addFirst("tls", tlsConfig.createHandler(true));
            }
        }
    }

    /* loaded from: input_file:com/atlassian/elasticsearch/buckler/SecureTransport$TlsServerChannelPipelineFactory.class */
    private class TlsServerChannelPipelineFactory extends Netty4Transport.ServerChannelInitializer {
        private final BucklerConfig config;

        public TlsServerChannelPipelineFactory(String str, Settings settings, BucklerConfig bucklerConfig) {
            super(SecureTransport.this, str, settings);
            this.config = bucklerConfig;
        }

        protected void initChannel(Channel channel) throws Exception {
            ChannelPipeline pipeline = channel.pipeline();
            TlsConfig tlsConfig = this.config.getTlsConfig();
            if (tlsConfig.isEnabledForTcp()) {
                pipeline.addFirst("tls", tlsConfig.createHandler(false));
            }
        }
    }

    @Inject
    public SecureTransport(Settings settings, ThreadPool threadPool, NetworkService networkService, BigArrays bigArrays, BucklerConfig bucklerConfig, NamedWriteableRegistry namedWriteableRegistry, CircuitBreakerService circuitBreakerService) {
        super(settings, threadPool, networkService, bigArrays, namedWriteableRegistry, circuitBreakerService);
        this.config = bucklerConfig;
    }

    protected ChannelHandler getServerChannelInitializer(String str, Settings settings) {
        return this.config.getTlsConfig().isEnabledForTcp() ? new TlsServerChannelPipelineFactory(str, settings, this.config) : super.getServerChannelInitializer(str, settings);
    }

    protected ChannelHandler getClientChannelInitializer() {
        return this.config.getTlsConfig().isEnabledForTcp() ? new TlsClientChannelPipelineFactory(this, this.config) : super.getClientChannelInitializer();
    }
}
