package com.ibm.HostPublisher.Server.ELF;

import com.ibm.hats.common.actions.SetAction;
import com.ibm.hats.common.customlogic.GlobalVariableScreenReco;
import com.ibm.hpsslight.SSLCert;
import com.ibm.hpsslight.SSLException;
import com.ibm.hpsslight.SSLSocket;
import com.ms.win32.winv;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;

/* loaded from: input_file:lib/hpMigElfSupport.jar:com/ibm/HostPublisher/Server/ELF/ELFConnection.class */
public class ELFConnection implements ELFConstants, TimerEventListener, Runnable {
    private static final String Copyright = "(C) Copyright IBM Corp. 2000.";
    private static final String className = "com.ibm.HostPublisher.Server.ELF.ELFConnection";
    private static final int USE_DEFAULT_PORT = 0;
    private InetAddress serverAddress;
    private int serverPort;
    private boolean usingSSL;
    private ELFEventListener listener;
    private TimerService timer;
    private Socket socket;
    private DataOutputStream toHost;
    private DataInputStream fromHost;
    private Thread receiveThread;
    private boolean connectionActive;
    private ELFSslContext sslContext;
    private int correlator = 0;
    private Hashtable requests = new Hashtable();
    private int requestsReceived = 0;
    private int requestsSent = 0;
    private int responsesReceived = 0;
    private int passticketsReceived = 0;
    private int responseTimeouts = 0;
    private boolean serverTrusted = false;
    private boolean validCertificate = false;
    protected SSLCert[] serverCertificateChain = null;

    public void setServerAddress(InetAddress inetAddress) {
        this.serverAddress = inetAddress;
    }

    public InetAddress getServerAddress() {
        return this.serverAddress;
    }

    public void setServerPort(int i) {
        this.serverPort = i == 0 ? 8990 : i;
    }

    public int getServerPort() {
        return this.serverPort;
    }

    private String getHostAndPort() {
        return new StringBuffer().append(getServerAddress().getHostName()).append(":").append(getServerPort()).toString();
    }

    private String getHostName() {
        return getServerAddress().getHostName();
    }

    public void setUsingSSL(boolean z) {
        this.usingSSL = z;
    }

    public boolean isUsingSSL() {
        return this.usingSSL;
    }

    public void setListener(ELFEventListener eLFEventListener) {
        this.listener = eLFEventListener;
    }

    public ELFEventListener getListener() {
        return this.listener;
    }

    public ELFConnection(ELFPassticketRequest eLFPassticketRequest, boolean z, ELFEventListener eLFEventListener, ThreadGroup threadGroup) throws ELFException {
        this.connectionActive = false;
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "<init>", eLFPassticketRequest);
        }
        this.timer = TimerService.getInstance();
        setListener(eLFEventListener);
        setServerAddress(eLFPassticketRequest.getServerAddress());
        setServerPort(eLFPassticketRequest.getServerPort());
        setUsingSSL(z);
        this.socket = getSocket();
        try {
            this.toHost = new DataOutputStream(new BufferedOutputStream(this.socket.getOutputStream()));
            this.fromHost = new DataInputStream(new BufferedInputStream(this.socket.getInputStream()));
            this.connectionActive = true;
            this.receiveThread = new Thread(threadGroup, this);
            this.receiveThread.start();
            if (Ras.anyTracing) {
                Ras.traceExit(className, "<init>");
            }
        } catch (IOException e) {
            close();
            throw new ELFException("I/O exception opening ELF connection streams", e, "ELF_IO_ERROR", new String[]{getHostAndPort()}).log(className, "<init>");
        }
    }

    public ELFConnection selfTest() {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "selfTest");
        }
        ELFConnection eLFConnection = this;
        try {
            this.fromHost.available();
        } catch (IOException e) {
            Ras.traceException(e, className, "selfTest");
            close();
            eLFConnection = null;
        }
        if (Ras.anyTracing) {
            Ras.traceExit(className, "selfTest", eLFConnection);
        }
        return eLFConnection;
    }

    public void request(ELFPassticketRequest eLFPassticketRequest) throws ELFException {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "request", eLFPassticketRequest);
        }
        synchronized (this) {
            if (this.correlator == Integer.MAX_VALUE) {
                this.correlator = 0;
            }
            int i = this.correlator + 1;
            this.correlator = i;
            eLFPassticketRequest.setCorrelator(i);
            this.requestsReceived++;
            eLFPassticketRequest.send(this.toHost);
            this.requestsSent++;
            eLFPassticketRequest.setTimer(this.timer.startTimer(eLFPassticketRequest.getTimeout(), new Integer(eLFPassticketRequest.getCorrelator()), this));
            this.requests.put(new Integer(eLFPassticketRequest.getCorrelator()), eLFPassticketRequest);
            notify();
        }
        if (Ras.anyTracing) {
            Ras.traceExit(className, "request");
        }
    }

    private Socket getSocket() throws ELFException {
        if (this.socket == null) {
            if (Ras.anyTracing) {
                Ras.traceEntry(className, "getSocket");
            }
            if (isUsingSSL()) {
                this.socket = createSecureSocket();
            } else {
                try {
                    this.socket = new Socket(this.serverAddress, this.serverPort);
                } catch (IOException e) {
                    throw new ELFException("Cannot get non-secure socket", e, "ELF_IO_ERROR", new String[]{getHostAndPort()}).log(className, "getSocket");
                }
            }
            StringBuffer stringBuffer = new StringBuffer(new StringBuffer().append("Opened ").append(this.socket).toString());
            if (isUsingSSL()) {
                stringBuffer.append(new StringBuffer().append(" \n\tusing cipher suite ").append(this.socket.getCipherSuite()).toString());
            }
            if (Ras.anyTracing) {
                Ras.traceExit(className, "getSocket", stringBuffer.toString());
            }
        }
        return this.socket;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // java.lang.Runnable
    public void run() {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "run");
        }
        while (this.connectionActive) {
            try {
                while (this.requests.size() > 0) {
                    if (this.fromHost.available() > 0) {
                        processResponse();
                    } else {
                        try {
                            Thread.sleep(1000L);
                        } catch (InterruptedException e) {
                        }
                    }
                }
                synchronized (this) {
                    if (this.requests.size() == 0) {
                        Ras.trace(className, "run", "ELFConnection receive thread waiting for incoming request");
                        try {
                            wait();
                        } catch (InterruptedException e2) {
                        }
                    }
                }
            } catch (IOException e3) {
                Ras.trace(className, "run", new StringBuffer().append("Exception received: ").append(e3).toString());
                Ras.traceException(e3, className, "run");
                close();
            } catch (Throwable th) {
                close();
            }
        }
        if (Ras.anyTracing) {
            Ras.traceExit(className, "run");
        }
    }

    void processResponse() throws ELFException {
        ELFPassticketRequest eLFPassticketRequest;
        try {
            if (Ras.anyTracing) {
                Ras.traceEntry(className, "processResponse", new Object[]{this, new Integer(this.fromHost.available())});
            }
            ELFPassticketResponse read = ELFPassticketResponse.read(this.fromHost);
            synchronized (this) {
                eLFPassticketRequest = (ELFPassticketRequest) this.requests.remove(new Integer(read.getCorrelator()));
                if (eLFPassticketRequest != null) {
                    this.timer.stopTimer(eLFPassticketRequest.getTimer());
                }
            }
            if (eLFPassticketRequest != null) {
                if (read.getRc() != 0) {
                    logDCASError(read);
                }
                eLFPassticketRequest.respond(read);
                this.responsesReceived++;
                if (read.getRc() == 0) {
                    this.passticketsReceived++;
                }
            }
            if (Ras.anyTracing) {
                Ras.traceExit(className, "processResponse");
            }
        } catch (IOException e) {
            throw new ELFException("I/O Error receiving data from DCAS", e, "ELF_IO_RECEIVE_ERROR", new String[]{getHostAndPort()}).log(className, "processResponse");
        }
    }

    void failAllRequests() {
        Vector vector = new Vector();
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "failAllRequests");
        }
        synchronized (this) {
            Enumeration elements = this.requests.elements();
            while (elements.hasMoreElements()) {
                ELFPassticketRequest eLFPassticketRequest = (ELFPassticketRequest) elements.nextElement();
                this.timer.stopTimer(eLFPassticketRequest.getTimer());
                vector.addElement(eLFPassticketRequest);
            }
            this.requests.clear();
        }
        if (!vector.isEmpty()) {
            Enumeration elements2 = vector.elements();
            while (elements2.hasMoreElements()) {
                ELFPassticketRequest eLFPassticketRequest2 = (ELFPassticketRequest) elements2.nextElement();
                eLFPassticketRequest2.respond(new ELFPassticketResponse(-1, eLFPassticketRequest2.getCorrelator()));
            }
            vector.removeAllElements();
        }
        getListener().connectionClosed(this);
        if (Ras.anyTracing) {
            Ras.traceExit(className, "failAllRequests");
        }
    }

    public void close() {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "close");
        }
        this.connectionActive = false;
        failAllRequests();
        if (this.socket != null) {
            try {
                this.socket.close();
            } catch (IOException e) {
            }
        }
        if (Ras.anyTracing) {
            Ras.traceExit(className, "close", new StringBuffer().append("Closed ").append(this.socket).append("\n\tStatistics: ").append(this.requestsSent).append(" of ").append(this.requestsReceived).append(" sent; got ").append(this.passticketsReceived).append(" of ").append(this.responsesReceived).append(" tickets; ").append(this.responseTimeouts).append(" timeouts.").toString());
        }
    }

    @Override // com.ibm.HostPublisher.Server.ELF.TimerEventListener
    public void timerPop(TimerElement timerElement) {
        ELFPassticketRequest eLFPassticketRequest;
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "timerPop");
        }
        synchronized (this) {
            eLFPassticketRequest = (ELFPassticketRequest) this.requests.remove(timerElement.getObject());
        }
        if (eLFPassticketRequest != null) {
            eLFPassticketRequest.respond(new ELFPassticketResponse(-2, eLFPassticketRequest.getCorrelator()));
            this.responseTimeouts++;
        }
        if (Ras.anyTracing) {
            Ras.traceExit(className, "timerPop");
        }
    }

    public ELFSslContext getELFSslContext() throws ELFException {
        if (this.sslContext == null) {
            this.sslContext = new ELFSslContext();
            this.sslContext.initialize();
        }
        return this.sslContext;
    }

    public String toString() {
        return new StringBuffer().append("ELFConnection[ To(").append(this.serverAddress).append(":").append(this.serverPort).append(") Corr(").append(this.correlator).append(")]").toString();
    }

    public void setServerTrusted(boolean z) {
        this.serverTrusted = z;
    }

    public boolean isServerTrusted() {
        return this.serverTrusted;
    }

    public void setValidCertificate(boolean z) {
        this.validCertificate = z;
    }

    public boolean hasValidCertificate() {
        return this.validCertificate;
    }

    public SSLCert[] getServerCertificateChain() {
        return this.serverCertificateChain;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setServerCertificateChain(SSLCert[] sSLCertArr) {
        this.serverCertificateChain = sSLCertArr;
    }

    public Socket createSecureSocket() throws ELFException {
        if (Ras.anyTracing) {
            Ras.traceEntry(className, "createSecureSocket");
        }
        try {
            SSLSocket sSLSocket = new SSLSocket(getServerAddress(), getServerPort(), getELFSslContext(), false, this);
            if (ELFPassticketManager.getInstance().doExtraServerAuthentication()) {
                boolean z = false;
                if (this.serverCertificateChain == null) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e) {
                    }
                    throw new ELFException("Missing server certificate chain", "ELF_PEER_MISSING_CERT_CHAIN", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
                }
                String nameComponent = this.serverCertificateChain[0].getNameComponent(1, 3);
                if (null == nameComponent) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e2) {
                    }
                    throw new ELFException("Server common name is null", "ELF_PEER_COMMON_NAME_NULL", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
                }
                try {
                    InetAddress[] allByName = InetAddress.getAllByName(nameComponent);
                    try {
                        InetAddress[] allByName2 = InetAddress.getAllByName(getHostName());
                        for (int i = 0; i < allByName.length && !z; i++) {
                            for (int i2 = 0; i2 < allByName2.length && !z; i2++) {
                                if (allByName2[i2].equals(allByName[i])) {
                                    z = true;
                                }
                            }
                        }
                        if (!z) {
                            try {
                                sSLSocket.close();
                            } catch (IOException e3) {
                            }
                            throw new ELFException("Server socket address does not match peer common name", "ELF_PEER_SOCKET_MISMATCH", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
                        }
                    } catch (UnknownHostException e4) {
                        try {
                            sSLSocket.close();
                        } catch (IOException e5) {
                        }
                        throw new ELFException("Server socket has no address", e4, "ELF_PEER_SOCKET_NO_ADDRESS", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
                    }
                } catch (UnknownHostException e6) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e7) {
                    }
                    throw new ELFException("Server common name has no address", e6, "ELF_PEER_NO_ADDRESS", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
                }
            }
            if (Ras.anyTracing) {
                Ras.traceExit(className, "createSecureSocket");
            }
            return sSLSocket;
        } catch (SSLException e8) {
            getELFSslContext();
            ELFSslContext.logSSLException(e8, className, "createSecureSocket");
            throw new ELFException("Cannot create socket to the passticket server", (Throwable) e8, "ELF_CANNOT_TALK_TO_DCAS", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
        } catch (UnknownHostException e9) {
            throw new ELFException("Passticket server host is unknown", e9, "ELF_UNKNOWN_PASSTICKET_HOST", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
        } catch (IOException e10) {
            throw new ELFException("I/O error opening socket to passticket server", e10, "ELF_IO_ERROR", new String[]{getHostAndPort()}).log(className, "createSecureSocket");
        }
    }

    public void logDCASError(ELFPassticketResponse eLFPassticketResponse) {
        String str = null;
        switch (eLFPassticketResponse.getDcasRC()) {
            case 250:
                str = "DCAS_FA_INTERNAL_ERROR";
                break;
            case winv.VK_ZOOM /* 251 */:
                str = "DCAS_FB_PASSTICKET_GEN_FAILED";
                break;
            case 252:
            case 254:
            case 255:
                if (eLFPassticketResponse.getDcasRC1() == 8 && eLFPassticketResponse.getDcasRC2() == 8) {
                    switch (eLFPassticketResponse.getDcasRC3()) {
                        case 4:
                            str = "DCAS_PARAMETER_LIST_ERROR";
                            break;
                        case 8:
                            str = "DCAS_INTERNAL_RACF_ERROR";
                            break;
                        case 16:
                            str = "DCAS_USERID_NOT_DEFINED";
                            break;
                        case 20:
                            str = "DCAS_PASSTICKET_NOT_VALID";
                            break;
                        case 24:
                            str = "DCAS_PASSWORD_EXPIRED";
                            break;
                        case 28:
                            str = "DCAS_USERID_REVOKED";
                            break;
                        case 32:
                            str = "DCAS_USER_UNAUTHORIZED";
                            break;
                        case 36:
                            str = "DCAS_CERTIFICATE_NOT_VALID";
                            break;
                        case 40:
                            str = "DCAS_NOTRUST_USERID";
                            break;
                    }
                }
                if (str == null) {
                    switch (eLFPassticketResponse.getDcasRC()) {
                        case 252:
                            str = "DCAS_FC_CERTIFICATE_CHECK";
                            break;
                        case 254:
                            str = "DCAS_FE_CLIENT_AUTH2_FAILED";
                            break;
                        case 255:
                            str = "DCAS_FF_CLIENT_AUTH1_FAILED";
                            break;
                    }
                }
                break;
            case winv.VK_PA1 /* 253 */:
                str = "DCAS_FD_INVALID_INPUT";
                break;
        }
        if (str == null) {
            str = "DCAS_PASSTICKET_REQUEST_ERROR";
        }
        String[] strArr = {String.valueOf((int) eLFPassticketResponse.getDcasRC()), String.valueOf(eLFPassticketResponse.getDcasRC1()), String.valueOf(eLFPassticketResponse.getDcasRC2()), String.valueOf(eLFPassticketResponse.getDcasRC3())};
        Ras.trace(className, "logDCASError", new StringBuffer().append("Recording DCAS Error ").append(str).append(GlobalVariableScreenReco._OPEN_PROP).append((int) eLFPassticketResponse.getDcasRC()).append(SetAction.OPERATOR_STR_MINUS).append(eLFPassticketResponse.getDcasRC1()).append(SetAction.OPERATOR_STR_MINUS).append(eLFPassticketResponse.getDcasRC2()).append(SetAction.OPERATOR_STR_MINUS).append(eLFPassticketResponse.getDcasRC3()).append(GlobalVariableScreenReco._CLOSE_PROP).toString());
        Ras.logMessage(2, className, "logDCASError", str, strArr);
    }
}
