package com.puppetlabs.trapperkeeper.services.webserver.jetty9.utils;

import java.io.File;
import java.security.cert.CRL;
import java.util.Collection;
import java.util.function.Consumer;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.security.CertificateUtils;
import org.eclipse.jetty.util.ssl.SslContextFactory;

/* loaded from: input_file:com/puppetlabs/trapperkeeper/services/webserver/jetty9/utils/InternalSslContextFactory.class */
public class InternalSslContextFactory extends SslContextFactory.Server {
    private static int maxTries = 25;
    private static int sleepInMillisecondsBetweenTries = 100;
    private static final Logger LOG = Log.getLogger(InternalSslContextFactory.class);
    private static Consumer<SslContextFactory> consumer = sslContextFactory -> {
    };
    private Collection<? extends CRL> _crls;

    protected Collection<? extends CRL> loadCRL(String str) throws Exception {
        Collection<? extends CRL> loadCRL;
        synchronized (this) {
            loadCRL = this._crls == null ? super.loadCRL(str) : this._crls;
        }
        return loadCRL;
    }

    public void reload() throws Exception {
        synchronized (this) {
            Exception exc = null;
            int i = maxTries;
            String crlPath = getCrlPath();
            if (crlPath != null) {
                File file = new File(crlPath);
                long lastModified = file.lastModified();
                do {
                    exc = null;
                    try {
                        this._crls = CertificateUtils.loadCRL(crlPath);
                    } catch (Exception e) {
                        exc = e;
                        if (file == null || lastModified == file.lastModified()) {
                            i--;
                        } else {
                            lastModified = file.lastModified();
                            i = maxTries;
                        }
                        if (i == 0) {
                            LOG.warn("Failed ssl context reload after " + maxTries + " tries.  CRL file is: " + crlPath, exc);
                        } else {
                            Thread.sleep(sleepInMillisecondsBetweenTries);
                        }
                    }
                    if (exc == null) {
                        break;
                    }
                } while (i > 0);
            }
            if (exc == null) {
                reload(consumer);
            }
        }
    }
}
