package org.jivesoftware.openfire.filetransfer.proxy;

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collection;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SNIMatcher;
import javax.net.ssl.SNIServerName;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.ssl.SSLObjectFactory;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.auth.UnauthorizedException;
import org.jivesoftware.openfire.cluster.ClusterException;
import org.jivesoftware.openfire.cluster.ClusterManager;
import org.jivesoftware.openfire.filetransfer.FileTransferManager;
import org.jivesoftware.openfire.filetransfer.FileTransferRejectedException;
import org.jivesoftware.openfire.filetransfer.proxy.credentials.ProxyCredentialException;
import org.jivesoftware.openfire.filetransfer.proxy.credentials.ProxyServerCredentialManager;
import org.jivesoftware.openfire.spi.ConnectionManagerImpl;
import org.jivesoftware.openfire.spi.ConnectionType;
import org.jivesoftware.openfire.spi.EncryptionArtifactFactory;
import org.jivesoftware.openfire.stats.Statistic;
import org.jivesoftware.openfire.stats.StatisticsManager;
import org.jivesoftware.openfire.stats.i18nStatistic;
import org.jivesoftware.util.ClassUtils;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.StringUtils;
import org.jivesoftware.util.cache.Cache;
import org.jivesoftware.util.cache.CacheFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xmpp.packet.JID;

/* loaded from: input_file:org/jivesoftware/openfire/filetransfer/proxy/ProxyConnectionManager.class */
public class ProxyConnectionManager {
    public static final String FILE_TRANSFER_CACHE_NAME = "File Transfer";
    public static final String CLUSTER_CROSS_PROXY_MAP_CACHE_NAME = "Cluster Cross Proxy Map";
    private static final Logger Log = LoggerFactory.getLogger(ProxyConnectionManager.class);
    private static final String proxyTransferRate = "proxyTransferRate";
    private Future<?> socketProcess;
    private ServerSocket serverSocket;
    private int proxyPort;
    private FileTransferManager transferManager;
    private final Object connectionLock = new Object();
    private ExecutorService executor = Executors.newCachedThreadPool();
    private Cache<String, ProxyTransfer> connectionMap = CacheFactory.createCache(FILE_TRANSFER_CACHE_NAME);
    private Cache<String, ClusterCrossProxyInfo> clusterCrossProxyMap = CacheFactory.createCache(CLUSTER_CROSS_PROXY_MAP_CACHE_NAME);
    private String className = JiveGlobals.getProperty("provider.transfer.proxy", "org.jivesoftware.openfire.filetransfer.proxy.DefaultProxyTransfer");

    /* loaded from: input_file:org/jivesoftware/openfire/filetransfer/proxy/ProxyConnectionManager$AliasSNIMatcher.class */
    class AliasSNIMatcher extends SNIMatcher {
        private String _host;

        AliasSNIMatcher() {
            super(0);
        }

        @Override // javax.net.ssl.SNIMatcher
        public boolean matches(SNIServerName sNIServerName) {
            if (!(sNIServerName instanceof SNIHostName)) {
                return true;
            }
            this._host = StringUtil.asciiToLowerCase(((SNIHostName) sNIServerName).getAsciiName());
            return true;
        }

        public String getHost() {
            return this._host;
        }
    }

    /* loaded from: input_file:org/jivesoftware/openfire/filetransfer/proxy/ProxyConnectionManager$ProxyTracker.class */
    private static class ProxyTracker extends i18nStatistic {
        public ProxyTracker() {
            super("filetransferproxy.transfered", Statistic.Type.rate);
        }

        @Override // org.jivesoftware.openfire.stats.Statistic
        public double sample() {
            return ProxyOutputStream.amountTransferred.getAndSet(0L) / 1000.0d;
        }

        @Override // org.jivesoftware.openfire.stats.Statistic
        public boolean isPartialSample() {
            return true;
        }
    }

    public ProxyConnectionManager(FileTransferManager fileTransferManager) {
        this.transferManager = fileTransferManager;
        StatisticsManager.getInstance().addStatistic(proxyTransferRate, new ProxyTracker());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void processConnections(final InetAddress inetAddress, final int i) {
        if (this.socketProcess == null || this.proxyPort != i) {
            reset();
            this.socketProcess = this.executor.submit(new Runnable() { // from class: org.jivesoftware.openfire.filetransfer.proxy.ProxyConnectionManager.1
                @Override // java.lang.Runnable
                public void run() {
                    try {
                        SslContextFactory sslContextFactory = new EncryptionArtifactFactory(((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager()).getListener(ConnectionType.SOCKET_S2S, true).generateConnectionConfiguration()).getSslContextFactory();
                        sslContextFactory.start();
                        ProxyConnectionManager.this.serverSocket = sslContextFactory.getSslContext().getServerSocketFactory().createServerSocket(i, -1, inetAddress);
                        if (ProxyConnectionManager.this.serverSocket instanceof SSLServerSocket) {
                            SSLServerSocket sSLServerSocket = (SSLServerSocket) SSLServerSocket.class.cast(ProxyConnectionManager.this.serverSocket);
                            SSLParameters sSLParameters = sSLServerSocket.getSSLParameters();
                            SNIMatcher createAliasMatcher = SSLObjectFactory.createAliasMatcher();
                            Collection<SNIMatcher> sNIMatchers = sSLParameters.getSNIMatchers();
                            ArrayList arrayList = (sNIMatchers == null || sNIMatchers.isEmpty()) ? new ArrayList() : new ArrayList(sSLParameters.getSNIMatchers());
                            arrayList.add(createAliasMatcher);
                            sSLParameters.setSNIMatchers(arrayList);
                            sSLServerSocket.setSSLParameters(sSLParameters);
                        }
                        while (ProxyConnectionManager.this.serverSocket.isBound()) {
                            try {
                                final Socket accept = ProxyConnectionManager.this.serverSocket.accept();
                                ProxyConnectionManager.Log.info("Accepted proxy socket connection from " + accept.getInetAddress().getHostAddress());
                                ProxyConnectionManager.this.executor.submit(new Runnable() { // from class: org.jivesoftware.openfire.filetransfer.proxy.ProxyConnectionManager.1.1
                                    @Override // java.lang.Runnable
                                    public void run() {
                                        try {
                                            ProxyConnectionManager.this.processConnection(accept);
                                        } catch (IOException e) {
                                            ProxyConnectionManager.Log.error("Error processing file transfer proxy connection", e);
                                            try {
                                                accept.close();
                                            } catch (IOException e2) {
                                            }
                                        }
                                    }
                                });
                            } catch (IOException e) {
                                if (ProxyConnectionManager.this.serverSocket.isClosed()) {
                                    ProxyConnectionManager.Log.error("Proxy conenction server socket has been closed and will not accept any more connections.", e);
                                    return;
                                }
                                ProxyConnectionManager.Log.error("Error accepting proxy connection", e);
                            }
                        }
                    } catch (Exception e2) {
                        ProxyConnectionManager.Log.error("Error creating server socket", e2);
                    }
                }
            });
            this.proxyPort = i;
        }
    }

    public int getProxyPort() {
        return this.proxyPort;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v67 */
    /* JADX WARN: Type inference failed for: r0v68 */
    /* JADX WARN: Type inference failed for: r0v70 */
    public void processConnection(Socket socket) throws IOException {
        DataOutputStream dataOutputStream = new DataOutputStream(socket.getOutputStream());
        DataInputStream dataInputStream = new DataInputStream(socket.getInputStream());
        if (dataInputStream.read() != 5) {
            throw new IOException("Only SOCKS5 supported");
        }
        int read = dataInputStream.read();
        int[] iArr = new int[read];
        for (int i = 0; i < read; i++) {
            iArr[i] = dataInputStream.read();
        }
        boolean z = -1;
        for (int i2 : iArr) {
            z = i2 == 2 ? 0 : -1;
            if (!z) {
                break;
            }
        }
        if (z) {
            throw new IOException("Authentication method not supported");
        }
        dataOutputStream.write(new byte[]{5, 2});
        dataOutputStream.flush();
        if (dataInputStream.read() != 1) {
            throw new IOException("Subnegotiation version must be 1");
        }
        int read2 = dataInputStream.read();
        byte[] bArr = new byte[read2];
        for (int i3 = 0; i3 < read2; i3++) {
            bArr[i3] = (byte) dataInputStream.read();
        }
        int read3 = dataInputStream.read();
        byte[] bArr2 = new byte[read3];
        for (int i4 = 0; i4 < read3; i4++) {
            bArr2[i4] = (byte) dataInputStream.read();
        }
        byte[] bArr3 = new byte[2];
        bArr3[0] = 1;
        if (!ProxyServerCredentialManager.getInstance().validateCredential(new String(bArr, StandardCharsets.US_ASCII), new String(bArr2, StandardCharsets.US_ASCII))) {
            bArr3[1] = 1;
            dataOutputStream.write(bArr3);
            dataOutputStream.flush();
            throw new IOException("Invalid credentials");
        }
        bArr3[1] = 0;
        dataOutputStream.write(bArr3);
        String processIncomingSocks5Message = processIncomingSocks5Message(dataInputStream);
        try {
            setupAndUpateProxyTranfer(processIncomingSocks5Message, socket);
            dataOutputStream.write(createOutgoingSocks5Message(0, processIncomingSocks5Message));
        } catch (UnauthorizedException e) {
            dataOutputStream.write(createOutgoingSocks5Message(2, processIncomingSocks5Message));
            throw new IOException("Illegal proxy transfer");
        }
    }

    private void setupAndUpateProxyTranfer(String str, Socket socket) throws IOException, UnauthorizedException {
        ClusterCrossProxyInfo clusterCrossProxyInfo = null;
        synchronized (this.connectionLock) {
            if (ClusterManager.isClusteringStarted()) {
                clusterCrossProxyInfo = this.clusterCrossProxyMap.get(str);
            }
            ProxyTransfer proxyTransfer = this.connectionMap.get(str);
            if (proxyTransfer != null) {
                proxyTransfer.setInputStream(socket.getInputStream());
                proxyTransfer.setSessionID(str);
                if (clusterCrossProxyInfo != null) {
                    doTransfer(str, proxyTransfer);
                }
            } else if (proxyTransfer == null && clusterCrossProxyInfo == null) {
                ProxyTransfer createProxyTransfer = createProxyTransfer(str, socket);
                if (ClusterManager.isClusteringStarted()) {
                    try {
                        this.clusterCrossProxyMap.put(str, createClusterCrossProxyInfo(str));
                    } catch (Exception e) {
                        Log.error("Failed to get cross proxy info information.  File transfer digest {} may fail.", str, e);
                    }
                }
                this.transferManager.registerProxyTransfer(str, createProxyTransfer);
                this.connectionMap.put(str, createProxyTransfer);
            } else {
                try {
                    ProxyTransfer createProxyTransfer2 = createProxyTransfer(str, new AuthSocks5Client(clusterCrossProxyInfo.getReceiversClusterNode().getNodeIP(), clusterCrossProxyInfo.getPort(), str).getSocket(10000, clusterCrossProxyInfo.getProxyServiceCredential().getSubject(), clusterCrossProxyInfo.getProxyServiceCredential().getSecret()));
                    this.transferManager.registerProxyTransfer(str, createProxyTransfer2);
                    createProxyTransfer2.setInputStream(socket.getInputStream());
                    createProxyTransfer2.setSessionID(str);
                    this.connectionMap.put(str, createProxyTransfer2);
                    doTransfer(str, createProxyTransfer2);
                } catch (Exception e2) {
                    throw new IOException("Failed to establish SOCKS5 proxy to proxy connection.", e2);
                }
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v10, types: [org.jivesoftware.openfire.filetransfer.proxy.ProxyTransfer] */
    private ProxyTransfer createProxyTransfer(String str, Socket socket) throws IOException {
        DefaultProxyTransfer defaultProxyTransfer;
        try {
            defaultProxyTransfer = (ProxyTransfer) ClassUtils.forName(this.className).newInstance();
        } catch (Exception e) {
            Log.error("Error loading proxy transfer provider: " + this.className, e);
            defaultProxyTransfer = new DefaultProxyTransfer();
        }
        defaultProxyTransfer.setTransferDigest(str);
        defaultProxyTransfer.setOutputStream(socket.getOutputStream());
        return defaultProxyTransfer;
    }

    private static String processIncomingSocks5Message(InputStream inputStream) throws IOException {
        byte[] bArr = new byte[5];
        if (inputStream.read(bArr, 0, 5) != 5) {
            throw new IOException("Error reading Socks5 version and command");
        }
        byte[] bArr2 = new byte[bArr[4]];
        if (inputStream.read(bArr2, 0, bArr2.length) != bArr2.length) {
            throw new IOException("Error reading provided address");
        }
        String str = new String(bArr2);
        inputStream.read();
        inputStream.read();
        return str;
    }

    private static byte[] createOutgoingSocks5Message(int i, String str) {
        byte[] bytes = str.getBytes();
        byte[] bArr = new byte[7 + bytes.length];
        bArr[0] = 5;
        bArr[1] = (byte) i;
        bArr[2] = 0;
        bArr[3] = 3;
        bArr[4] = (byte) bytes.length;
        System.arraycopy(bytes, 0, bArr, 5, bytes.length);
        bArr[bArr.length - 2] = 0;
        bArr[bArr.length - 1] = 0;
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void shutdown() {
        disable();
        this.executor.shutdown();
        StatisticsManager.getInstance().removeStatistic(proxyTransferRate);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void activate(JID jid, JID jid2, String str) {
        ProxyTransfer proxyTransfer;
        String createDigest = createDigest(str, jid, jid2);
        synchronized (this.connectionLock) {
            proxyTransfer = this.connectionMap.get(createDigest);
        }
        if (proxyTransfer != null) {
            if (proxyTransfer == null || !proxyTransfer.isActivatable()) {
                throw new IllegalArgumentException("Transfer doesn't exist or is missing parameters");
            }
            proxyTransfer.setInitiator(jid.toString());
            proxyTransfer.setTarget(jid2.toString());
            proxyTransfer.setSessionID(str);
            if (ClusterManager.isClusteringStarted()) {
                return;
            }
            doTransfer(createDigest, proxyTransfer);
        }
    }

    private void doTransfer(final String str, final ProxyTransfer proxyTransfer) {
        proxyTransfer.setTransferFuture(this.executor.submit(new Runnable() { // from class: org.jivesoftware.openfire.filetransfer.proxy.ProxyConnectionManager.2
            @Override // java.lang.Runnable
            public void run() {
                try {
                    ProxyConnectionManager.Log.info("Strarting file transfer transfer.");
                    try {
                        ProxyConnectionManager.this.transferManager.fireFileTransferStart(proxyTransfer.getSessionID(), true);
                        try {
                            try {
                                proxyTransfer.doTransfer();
                                ProxyConnectionManager.this.transferManager.fireFileTransferCompleted(proxyTransfer.getSessionID(), true);
                                ProxyConnectionManager.this.connectionMap.remove(str);
                                ProxyConnectionManager.this.clusterCrossProxyMap.remove(str);
                            } catch (IOException e) {
                                ProxyConnectionManager.Log.error("Error during file transfer", e);
                                ProxyConnectionManager.this.transferManager.fireFileTransferCompleted(proxyTransfer.getSessionID(), false);
                                ProxyConnectionManager.this.connectionMap.remove(str);
                                ProxyConnectionManager.this.clusterCrossProxyMap.remove(str);
                            }
                        } catch (Throwable th) {
                            ProxyConnectionManager.this.connectionMap.remove(str);
                            ProxyConnectionManager.this.clusterCrossProxyMap.remove(str);
                            throw th;
                        }
                    } catch (FileTransferRejectedException e2) {
                        ProxyConnectionManager.this.notifyFailure(proxyTransfer, e2);
                    }
                } catch (Exception e3) {
                    ProxyConnectionManager.Log.error("Error during file transfer", e3);
                }
            }
        }));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void notifyFailure(ProxyTransfer proxyTransfer, FileTransferRejectedException fileTransferRejectedException) {
    }

    public static String createDigest(String str, JID jid, JID jid2) {
        return StringUtils.hash(str + jid.getNode() + "@" + jid.getDomain() + "/" + jid.getResource() + jid2.getNode() + "@" + jid2.getDomain() + "/" + jid2.getResource(), "SHA-1");
    }

    public boolean isRunning() {
        return (this.socketProcess == null || this.socketProcess.isDone()) ? false : true;
    }

    public void disable() {
        reset();
    }

    private void reset() {
        if (this.socketProcess != null) {
            this.socketProcess.cancel(true);
            this.socketProcess = null;
        }
        if (this.serverSocket != null) {
            try {
                this.serverSocket.close();
            } catch (IOException e) {
                Log.warn("Error closing proxy listening socket", e);
            }
        }
    }

    protected ClusterCrossProxyInfo createClusterCrossProxyInfo(String str) throws ClusterException, ProxyCredentialException {
        ClusterCrossProxyInfo clusterCrossProxyInfo = new ClusterCrossProxyInfo();
        clusterCrossProxyInfo.setReceiversClusterNode(ClusterManager.getClusterNodeProvider().getClusterMember(XMPPServer.getInstance().getNodeID()));
        clusterCrossProxyInfo.setPort(this.proxyPort);
        clusterCrossProxyInfo.setResponseDigest(str);
        clusterCrossProxyInfo.setProxyServiceCredential(ProxyServerCredentialManager.getInstance().createCredential());
        return clusterCrossProxyInfo;
    }
}
