package com.bes.enterprise.webtier.util.mbeanserver;

import com.bes.enterprise.appserver.common.ssl.SecuritySupport;
import com.bes.enterprise.appserver.common.util.SystemPropertyConstants;
import com.bes.enterprise.config.miniparser.DomTemplate;
import com.bes.enterprise.config.miniparser.SystemPropertyValueTranslator;
import com.bes.enterprise.web.jni.Address;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.UnknownHostException;
import java.rmi.NoSuchObjectException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
import java.rmi.server.RMISocketFactory;
import java.rmi.server.UnicastRemoteObject;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import javax.management.MBeanServer;
import javax.management.remote.JMXAuthenticator;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXConnectorServerFactory;
import javax.management.remote.JMXServiceURL;
import javax.net.ssl.SSLException;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;

/* loaded from: input_file:com/bes/enterprise/webtier/util/mbeanserver/JMXConnectorStarter.class */
public class JMXConnectorStarter {
    public static final String RMI_HOSTNAME_PROP = "java.rmi.server.hostname";
    private Registry registry;
    private MBeanServer mbeanServer;
    private String hostName;
    private int port;
    private String authRealmName;
    private boolean securityEnabled;
    private JMXServiceURL jmxServiceURL;
    private JMXConnectorServer jmxConnectorServer;
    private RMIServerSocketFactory rmiServerSocketFactory;
    private RMIClientSocketFactory rmiClientSocketFactory;
    private JMXAuthenticator jmxAuthenticator;

    /* loaded from: input_file:com/bes/enterprise/webtier/util/mbeanserver/JMXConnectorStarter$DefaultRMISocketFactory.class */
    private static final class DefaultRMISocketFactory extends RMISocketFactory {
        private final InetAddress mAddress;

        public DefaultRMISocketFactory(InetAddress inetAddress) {
            this.mAddress = inetAddress;
        }

        public ServerSocket createServerSocket(int i) throws IOException {
            return new ServerSocket(i, 5, this.mAddress);
        }

        public Socket createSocket(String str, int i) throws IOException {
            return new Socket(str, i);
        }
    }

    /* loaded from: input_file:com/bes/enterprise/webtier/util/mbeanserver/JMXConnectorStarter$SecureSslRMIServerSocketFactory.class */
    private static class SecureSslRMIServerSocketFactory extends SslRMIServerSocketFactory {
        private JMXSslRMISocketFactory secureSslRMISocketFactory;

        public SecureSslRMIServerSocketFactory(JMXSslRMISocketFactory jMXSslRMISocketFactory) {
            this.secureSslRMISocketFactory = jMXSslRMISocketFactory;
        }

        public ServerSocket createServerSocket(int i) throws IOException {
            return this.secureSslRMISocketFactory.createServerSocket(i);
        }
    }

    public JMXConnectorStarter(MBeanServer mBeanServer, String str, int i, String str2, JMXAuthenticator jMXAuthenticator, boolean z, DomTemplate domTemplate) throws UnknownHostException, NoSuchAlgorithmException, GeneralSecurityException, IOException {
        this.mbeanServer = mBeanServer;
        this.hostName = str;
        this.port = i;
        this.authRealmName = str2;
        this.jmxAuthenticator = jMXAuthenticator;
        this.securityEnabled = z;
        InetAddress address = getAddress(this.hostName);
        if (z) {
            String attribute = domTemplate.getAttribute("key-alias");
            boolean booleanValue = Boolean.valueOf(domTemplate.getAttribute("ssl3-enabled")).booleanValue();
            boolean booleanValue2 = Boolean.valueOf(domTemplate.getAttribute("tls-enabled")).booleanValue();
            boolean booleanValue3 = Boolean.valueOf(domTemplate.getAttribute("tls11-enabled")).booleanValue();
            boolean booleanValue4 = Boolean.valueOf(domTemplate.getAttribute("tls12-enabled")).booleanValue();
            boolean booleanValue5 = Boolean.valueOf(domTemplate.getAttribute("tls13-enabled")).booleanValue();
            String attribute2 = domTemplate.getAttribute("ciphers");
            SecuritySupport createSecuritySupport = createSecuritySupport(domTemplate);
            if (!createSecuritySupport.getKeystore().containsAlias(attribute)) {
                throw new SSLException("The key alias " + attribute + " is invalid.");
            }
            JMXSslRMISocketFactory jMXSslRMISocketFactory = new JMXSslRMISocketFactory(attribute, booleanValue, booleanValue2, booleanValue3, booleanValue4, booleanValue5, domTemplate.getAttribute("client-auth"), attribute2, address, createSecuritySupport);
            initSSLSystemProperties(domTemplate, jMXSslRMISocketFactory.getEnabledProtocolsAsString(), jMXSslRMISocketFactory.getCiphersAsString());
            jMXSslRMISocketFactory.setSecuritySupport(createSecuritySupport);
            this.rmiServerSocketFactory = new SecureSslRMIServerSocketFactory(jMXSslRMISocketFactory);
            this.rmiClientSocketFactory = createRmiClientSocketFactory();
        } else {
            this.rmiServerSocketFactory = new DefaultRMISocketFactory(address);
            this.rmiClientSocketFactory = null;
        }
        this.registry = createRegistry(i);
    }

    private void initSSLSystemProperties(DomTemplate domTemplate, String str, String str2) {
        String attribute = domTemplate.getAttribute("keystore-type");
        String translatedValue = SystemPropertyValueTranslator.getInstance().getTranslatedValue(domTemplate.getAttribute("keystore-file"));
        String attribute2 = domTemplate.getAttribute("keystore-pass");
        String attribute3 = domTemplate.getAttribute("truststore-type");
        String translatedValue2 = SystemPropertyValueTranslator.getInstance().getTranslatedValue(domTemplate.getAttribute("truststore-file"));
        String attribute4 = domTemplate.getAttribute("truststore-pass");
        if (System.getProperty("javax.net.ssl.keyStoreType") == null) {
            System.setProperty("javax.net.ssl.keyStoreType", attribute3 == null ? "JKS" : attribute);
        }
        if (System.getProperty("javax.net.ssl.trustStoreType") == null) {
            System.setProperty("javax.net.ssl.trustStoreType", attribute3 == null ? "JKS" : attribute3);
        }
        if (System.getProperty(SystemPropertyConstants.KEYSTORE_PROPERTY) == null) {
            System.setProperty(SystemPropertyConstants.KEYSTORE_PROPERTY, translatedValue);
        }
        if (System.getProperty(SystemPropertyConstants.TRUSTSTORE_PROPERTY) == null) {
            System.setProperty(SystemPropertyConstants.TRUSTSTORE_PROPERTY, translatedValue2);
        }
        if (System.getProperty(SystemPropertyConstants.KEYSTORE_PASSWORD_PROPERTY) == null) {
            System.setProperty(SystemPropertyConstants.KEYSTORE_PASSWORD_PROPERTY, attribute2 == null ? "changeit" : attribute2);
        }
        if (System.getProperty(SystemPropertyConstants.TRUSTSTORE_PASSWORD_PROPERTY) == null) {
            System.setProperty(SystemPropertyConstants.TRUSTSTORE_PASSWORD_PROPERTY, attribute4 == null ? "changeit" : attribute4);
        }
        if (str != null) {
            System.setProperty("javax.rmi.ssl.client.enabledProtocols", str);
        }
        if (str2 != null) {
            System.setProperty("javax.rmi.ssl.client.enabledCipherSuites", str2);
        }
    }

    public JMXConnectorServer start() throws Exception {
        String hostName = getHostName(this.hostName);
        HashMap hashMap = new HashMap();
        hashMap.put("jmx.remote.jndi.rebind", "true");
        hashMap.put("jmx.remote.rmi.client.socket.factory", this.rmiClientSocketFactory);
        hashMap.put("jmx.remote.rmi.server.socket.factory", this.rmiServerSocketFactory);
        hashMap.put("com.sun.jndi.rmi.factory.socket", this.rmiClientSocketFactory);
        if (this.jmxAuthenticator != null) {
            hashMap.put("jmx.remote.authenticator", this.jmxAuthenticator);
        }
        this.jmxServiceURL = new JMXServiceURL("rmi", hostName, this.port, "/jndi/rmi://" + (hostName + ":" + this.port) + "/jmxrmi");
        this.jmxConnectorServer = JMXConnectorServerFactory.newJMXConnectorServer(this.jmxServiceURL, hashMap, this.mbeanServer);
        this.jmxConnectorServer.start();
        return this.jmxConnectorServer;
    }

    public void stop() {
        if (this.jmxConnectorServer != null) {
            try {
                this.jmxConnectorServer.stop();
            } catch (IOException e) {
            }
        }
        if (this.registry != null) {
            try {
                UnicastRemoteObject.unexportObject(this.registry, true);
            } catch (NoSuchObjectException e2) {
            }
        }
    }

    private Registry createRegistry(int i) throws RemoteException {
        System.setProperty("java.rmi.server.randomIDs", "true");
        try {
            return this.securityEnabled ? LocateRegistry.createRegistry(i, this.rmiClientSocketFactory, this.rmiServerSocketFactory) : LocateRegistry.createRegistry(i, (RMIClientSocketFactory) null, this.rmiServerSocketFactory);
        } catch (RemoteException e) {
            RemoteException remoteException = new RemoteException("Port " + i + " is not available for the internal rmi registry.");
            remoteException.detail = e;
            throw remoteException;
        }
    }

    private SecuritySupport createSecuritySupport(DomTemplate domTemplate) throws GeneralSecurityException {
        String attribute = domTemplate.getAttribute("keystore-type");
        String translatedValue = SystemPropertyValueTranslator.getInstance().getTranslatedValue(domTemplate.getAttribute("keystore-file"));
        String attribute2 = domTemplate.getAttribute("keystore-pass");
        SecuritySupport securitySupport = new SecuritySupport(attribute, translatedValue, attribute2.toCharArray(), domTemplate.getAttribute("truststore-type"), SystemPropertyValueTranslator.getInstance().getTranslatedValue(domTemplate.getAttribute("truststore-file")), domTemplate.getAttribute("truststore-pass").toCharArray());
        securitySupport.init();
        return securitySupport;
    }

    private RMIClientSocketFactory createRmiClientSocketFactory() {
        return new SslRMIClientSocketFactory();
    }

    private static InetAddress getAddress(String str) throws UnknownHostException {
        String str2 = str;
        if (str.equals("localhost")) {
            str2 = "127.0.0.1";
        }
        return InetAddress.getByName(str2);
    }

    private static String getHostName(String str) throws UnknownHostException {
        return (str.equals("") || str.equals(Address.APR_ANYADDR)) ? InetAddress.getLocalHost().getCanonicalHostName() : (!str.contains(":") || str.startsWith("[")) ? str : "[" + str + "]";
    }

    public String getHostName() {
        return this.hostName;
    }

    public int getPort() {
        return this.port;
    }

    public JMXServiceURL getJmxServiceURL() {
        return this.jmxServiceURL;
    }

    public RMIServerSocketFactory getRmiServerSocketFactory() {
        return this.rmiServerSocketFactory;
    }

    public void setRmiServerSocketFactory(RMIServerSocketFactory rMIServerSocketFactory) {
        this.rmiServerSocketFactory = rMIServerSocketFactory;
    }

    public RMIClientSocketFactory getRmiClientSocketFactory() {
        return this.rmiClientSocketFactory;
    }

    public void setRmiClientSocketFactory(RMIClientSocketFactory rMIClientSocketFactory) {
        this.rmiClientSocketFactory = rMIClientSocketFactory;
    }
}
