package de.siegmar.logbackgelf;

import java.security.GeneralSecurityException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: input_file:BOOT-INF/lib/logback-gelf-6.1.0.jar:de/siegmar/logbackgelf/GelfTcpTlsAppender.class */
public class GelfTcpTlsAppender extends GelfTcpAppender {
    private boolean insecure;

    public boolean isInsecure() {
        return this.insecure;
    }

    public void setInsecure(boolean z) {
        this.insecure = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.siegmar.logbackgelf.GelfTcpAppender
    public SSLSocketFactory initSocketFactory() {
        try {
            return configureSslFactory(newTrustManager());
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }

    private TrustManager newTrustManager() throws NoSuchAlgorithmException, KeyStoreException {
        if (!this.insecure) {
            return new CustomX509TrustManager(findDefaultX509TrustManager(), getGraylogHost());
        }
        addWarn("Enabled insecure mode (skip TLS certificate validation) - don't use this in production!");
        return new NoopX509TrustManager();
    }

    private static X509TrustManager findDefaultX509TrustManager() throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
            if (trustManager instanceof X509TrustManager) {
                return (X509TrustManager) trustManager;
            }
        }
        throw new IllegalStateException("No X509 TrustManager found");
    }

    private SSLSocketFactory configureSslFactory(TrustManager trustManager) throws NoSuchAlgorithmException, KeyManagementException {
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, new TrustManager[]{trustManager}, new SecureRandom());
        return sSLContext.getSocketFactory();
    }
}
