package org.opends.admin.ads.util;

import java.io.IOException;
import java.net.ConnectException;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.naming.CommunicationException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.TrustManager;
import org.opends.server.config.ConfigConstants;
import org.opends.server.tools.ToolConstants;
import org.opends.server.util.ServerConstants;

/* loaded from: input_file:WEB-INF/lib/OpenDS.jar:org/opends/admin/ads/util/ConnectionUtils.class */
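/**
 * Static helpers for opening JNDI LDAP connections (plain LDAP, LDAPS and StartTLS) with a
 * bounded wait, and for reading connection properties and attribute values back out.
 *
 * <p>Security-relevant behaviour that callers should be aware of:
 * <ul>
 *   <li>{@link #createLdapsContext} and {@link #createStartTLSContext} substitute
 *       {@code BlindTrustManager} (and {@code BlindHostnameVerifier}) when the caller passes
 *       {@code null}. Those classes are not shown here; by their names they presumably accept
 *       any certificate / host name, which would leave the TLS peer unauthenticated — confirm
 *       and pass a real {@link TrustManager} and {@link HostnameVerifier} wherever the server
 *       identity matters.</li>
 *   <li>{@link #createLdapContext} places the principal and credentials in the JNDI environment
 *       and adds no TLS of its own, so with an {@code ldap://} URL the bind is not protected by
 *       this class.</li>
 *   <li>The bind password is held as a {@code String} in the JNDI environment and can be read
 *       back with {@link #getBindPassword}; never log that value.</li>
 * </ul>
 */
public class ConnectionUtils {
    /** Default timeout handed out by {@link #getDefaultLDAPTimeout()}; timeouts here are used as milliseconds. */
    private static final int DEFAULT_LDAP_CONNECT_TIMEOUT = 30000;
    /** Environment key this class sets on a context once StartTLS has been negotiated. */
    private static final String STARTTLS_PROPERTY = "org.opends.connectionutils.isstarttls";
    private static final Logger LOG = Logger.getLogger(ConnectionUtils.class.getName());

    private ConnectionUtils() {
    }

    /**
     * Opens an LDAP connection using the JNDI LDAP provider and an optional simple bind.
     *
     * <p>No socket factory or StartTLS is configured here, so confidentiality of the bind depends
     * entirely on the URL scheme and on what the caller put in {@code env}.
     *
     * @param ldapUrl provider URL (must not be {@code null})
     * @param dn      bind principal, or {@code null} to leave it unset
     * @param pwd     bind credentials, or {@code null} to leave them unset
     * @param timeout wait in milliseconds; values below 1 run the connection attempt on the
     *                calling thread with no bound
     * @param env     extra JNDI environment entries, copied before use; may be {@code null}
     * @return the connected context
     * @throws NamingException if the connection fails or does not complete within the timeout
     */
    public static InitialLdapContext createLdapContext(String ldapUrl, String dn, String pwd, int timeout, Hashtable<String, String> env) throws NamingException {
        final Hashtable<String, String> jndiEnv = copyEnvironment(env);
        jndiEnv.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        jndiEnv.put("java.naming.provider.url", ldapUrl);
        if (timeout >= 1) {
            jndiEnv.put("com.sun.jndi.ldap.connect.timeout", String.valueOf(timeout));
        }
        if (dn != null) {
            jndiEnv.put("java.naming.security.principal", dn);
        }
        if (pwd != null) {
            jndiEnv.put("java.naming.security.credentials", pwd);
        }
        // Slot 0 receives the context, slot 1 the failure; read back by getInitialLdapContext.
        final Object[] result = {null, null};
        Thread worker = new Thread(new Runnable() {
            @Override
            public void run() {
                try {
                    result[0] = new InitialLdapContext(jndiEnv, (Control[]) null);
                } catch (NamingException e) {
                    result[1] = e;
                } catch (Throwable th) {
                    // Route through the class logger instead of printStackTrace().
                    LOG.log(Level.WARNING, "Unexpected error creating LDAP context: " + th, th);
                    result[1] = th;
                }
            }
        });
        worker.setDaemon(true);
        return getInitialLdapContext(worker, result, timeout);
    }

    /**
     * Opens an LDAPS connection whose sockets come from {@code TrustedSocketFactory}, configured
     * per thread with the given trust and key managers.
     *
     * <p>NOTE(review): a {@code null} trust manager is replaced by {@code BlindTrustManager}
     * (presumably "trust everything" — confirm). The fallback is kept for existing callers but is
     * now logged, because it means credentials may be sent to an unverified server.
     *
     * @param ldapsUrl     provider URL (must not be {@code null})
     * @param dn           bind principal, or {@code null}
     * @param pwd          bind credentials, or {@code null}
     * @param timeout      wait in milliseconds; values below 1 run on the calling thread
     * @param env          extra JNDI environment entries, copied before use; may be {@code null}
     * @param trustManager trust manager for the TLS handshake; {@code null} selects the blind one
     * @param keyManager   key manager passed to {@code TrustedSocketFactory}; may be {@code null}
     * @return the connected context
     * @throws NamingException if the connection fails or does not complete within the timeout
     */
    public static InitialLdapContext createLdapsContext(String ldapsUrl, String dn, String pwd, int timeout, Hashtable<String, String> env, TrustManager trustManager, final KeyManager keyManager) throws NamingException {
        final Hashtable<String, String> jndiEnv = copyEnvironment(env);
        jndiEnv.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        jndiEnv.put("java.naming.provider.url", ldapsUrl);
        jndiEnv.put("java.naming.ldap.factory.socket", TrustedSocketFactory.class.getName());
        if (dn != null) {
            jndiEnv.put("java.naming.security.principal", dn);
        }
        if (pwd != null) {
            jndiEnv.put("java.naming.security.credentials", pwd);
        }
        final TrustManager effectiveTrustManager;
        if (trustManager != null) {
            effectiveTrustManager = trustManager;
        } else {
            LOG.log(Level.WARNING, "No TrustManager supplied for " + ldapsUrl + "; falling back to BlindTrustManager");
            effectiveTrustManager = new BlindTrustManager();
        }
        final Object[] result = {null, null};
        Thread worker = new Thread(new Runnable() {
            @Override
            public void run() {
                try {
                    // Must run on the connecting thread: the factory is configured per thread.
                    TrustedSocketFactory.setCurrentThreadTrustManager(effectiveTrustManager, keyManager);
                    result[0] = new InitialLdapContext(jndiEnv, (Control[]) null);
                } catch (NamingException e) {
                    result[1] = e;
                } catch (RuntimeException e) {
                    result[1] = e;
                }
            }
        });
        worker.setDaemon(true);
        return getInitialLdapContext(worker, result, timeout);
    }

    /**
     * Opens a second connection using the environment and connect controls of an existing one.
     *
     * <p>The copied environment includes the bind principal and credentials of {@code ctx}.
     *
     * <p>NOTE(review): for a context created by {@link #createStartTLSContext} the environment
     * holds a plain LDAP URL plus simple-bind credentials, and this method neither sets a socket
     * factory nor issues a StartTLS request. The clone therefore looks like it would bind without
     * TLS — confirm against the JNDI provider before relying on it for StartTLS connections.
     *
     * @param ctx          context to copy
     * @param timeout      wait in milliseconds; values below 1 run on the calling thread
     * @param trustManager trust manager registered for the thread when {@code ctx} is SSL or
     *                     StartTLS; no {@code null} fallback is applied here
     * @param keyManager   key manager registered alongside it
     * @return the new context
     * @throws NamingException if the environment cannot be read or the connection fails
     */
    public static InitialLdapContext cloneInitialLdapContext(final InitialLdapContext ctx, int timeout, final TrustManager trustManager, final KeyManager keyManager) throws NamingException {
        final Hashtable<?, ?> environment = ctx.getEnvironment();
        Control[] connectControls = ctx.getConnectControls();
        final Control[] controlsCopy = connectControls != null ? connectControls.clone() : null;
        final Object[] result = {null, null};
        Thread worker = new Thread(new Runnable() {
            @Override
            public void run() {
                try {
                    if (ConnectionUtils.isSSL(ctx) || ConnectionUtils.isStartTLS(ctx)) {
                        TrustedSocketFactory.setCurrentThreadTrustManager(trustManager, keyManager);
                    }
                    result[0] = new InitialLdapContext(environment, controlsCopy);
                } catch (RuntimeException e) {
                    result[1] = e;
                } catch (NamingException e) {
                    result[1] = e;
                }
            }
        });
        // Match the other factory methods so a hung connect cannot keep the JVM alive.
        worker.setDaemon(true);
        return getInitialLdapContext(worker, result, timeout);
    }

    /**
     * Opens a plain LDAP connection, upgrades it with StartTLS and only then binds.
     *
     * <p>The initial connection is made with authentication {@code none}; principal and
     * credentials are added to the environment after the TLS negotiation has succeeded, so they
     * are not sent before the upgrade. If any step fails the half-open context is closed.
     *
     * <p>NOTE(review): {@code null} for the trust manager or host name verifier selects
     * {@code BlindTrustManager} / {@code BlindHostnameVerifier} (presumably accept-all —
     * confirm). The fallback is kept for existing callers and is logged.
     *
     * @param ldapUrl          provider URL (must not be {@code null})
     * @param dn               bind principal, or {@code null} to stay anonymous
     * @param pwd              bind credentials, or {@code null}
     * @param timeout          wait in milliseconds; values below 1 run on the calling thread
     * @param env              extra JNDI environment entries, copied before use; may be {@code null}
     * @param trustManager     trust manager for the handshake; {@code null} selects the blind one
     * @param keyManager       key manager for the handshake; may be {@code null}
     * @param hostnameVerifier verifier for the server host name; {@code null} selects the blind one
     * @return the connected, TLS-protected context
     * @throws NamingException if connecting, negotiating TLS or binding fails, or on timeout
     */
    public static InitialLdapContext createStartTLSContext(String ldapUrl, final String dn, final String pwd, int timeout, Hashtable<String, String> env, TrustManager trustManager, final KeyManager keyManager, HostnameVerifier hostnameVerifier) throws NamingException {
        final TrustManager effectiveTrustManager;
        if (trustManager != null) {
            effectiveTrustManager = trustManager;
        } else {
            LOG.log(Level.WARNING, "No TrustManager supplied for " + ldapUrl + "; falling back to BlindTrustManager");
            effectiveTrustManager = new BlindTrustManager();
        }
        final HostnameVerifier effectiveVerifier;
        if (hostnameVerifier != null) {
            effectiveVerifier = hostnameVerifier;
        } else {
            LOG.log(Level.WARNING, "No HostnameVerifier supplied for " + ldapUrl + "; falling back to BlindHostnameVerifier");
            effectiveVerifier = new BlindHostnameVerifier();
        }
        final Hashtable<String, String> jndiEnv = copyEnvironment(env);
        jndiEnv.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        jndiEnv.put("java.naming.provider.url", ldapUrl);
        jndiEnv.put("java.naming.security.authentication", "none");
        final Object[] result = {null, null};
        Thread worker = new Thread(new Runnable() {
            @Override
            public void run() {
                InitialLdapContext ctx = null;
                boolean established = false;
                try {
                    ctx = new InitialLdapContext(jndiEnv, (Control[]) null);
                    StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
                    tls.setHostnameVerifier(effectiveVerifier);
                    try {
                        tls.negotiate(new TrustedSocketFactory(effectiveTrustManager, keyManager));
                    } catch (IOException e) {
                        CommunicationException failure = new CommunicationException("Failed to negotiate Start TLS operation");
                        failure.initCause(e);
                        throw failure;
                    }
                    ctx.addToEnvironment(ConnectionUtils.STARTTLS_PROPERTY, ServerConstants.CONFIG_VALUE_TRUE);
                    if (dn != null) {
                        ctx.addToEnvironment("java.naming.security.authentication", "simple");
                        ctx.addToEnvironment("java.naming.security.principal", dn);
                        if (pwd != null) {
                            ctx.addToEnvironment("java.naming.security.credentials", pwd);
                        }
                        ctx.reconnect((Control[]) null);
                    }
                    result[0] = ctx;
                    established = true;
                } catch (RuntimeException e) {
                    result[1] = e;
                } catch (NamingException e) {
                    result[1] = e;
                } finally {
                    // Previously only the IOException path closed the context; a failed
                    // bind or environment update left the connection open.
                    if (!established) {
                        closeQuietly(ctx);
                    }
                }
            }
        });
        worker.setDaemon(true);
        return getInitialLdapContext(worker, result, timeout);
    }

    /**
     * Returns the provider URL stored in the context environment.
     *
     * @return the URL, or {@code null} if the environment cannot be read or has no such entry
     */
    public static String getLdapUrl(InitialLdapContext ctx) {
        return getEnvironmentString(ctx, "java.naming.provider.url");
    }

    /**
     * Returns the host part of the context's provider URL.
     *
     * @return the host, or {@code null} if the URL is missing or cannot be parsed (logged)
     */
    public static String getHostName(InitialLdapContext ctx) {
        try {
            return new URI(getLdapUrl(ctx)).getHost();
        } catch (Throwable th) {
            LOG.log(Level.WARNING, "Error getting host: " + th, th);
            return null;
        }
    }

    /**
     * Returns the port of the context's provider URL.
     *
     * @return the port, or {@code -1} if the URL is missing or cannot be parsed (logged)
     */
    public static int getPort(InitialLdapContext ctx) {
        try {
            return new URI(getLdapUrl(ctx)).getPort();
        } catch (Throwable th) {
            LOG.log(Level.WARNING, "Error getting port: " + th, th);
            return -1;
        }
    }

    /** Returns host and port of the context joined by {@code ToolConstants.LIST_TABLE_SEPARATOR}. */
    public static String getHostPort(InitialLdapContext ctx) {
        return getHostName(ctx) + ToolConstants.LIST_TABLE_SEPARATOR + getPort(ctx);
    }

    /**
     * Returns the bind principal stored in the context environment.
     *
     * @return the principal, or {@code null} if unset or the environment cannot be read
     */
    public static String getBindDN(InitialLdapContext ctx) {
        return getEnvironmentString(ctx, "java.naming.security.principal");
    }

    /**
     * Returns the bind credentials stored in the context environment.
     *
     * <p>The value is the password as a {@code String}; callers must not log or persist it.
     *
     * @return the credentials, or {@code null} if unset or the environment cannot be read
     */
    public static String getBindPassword(InitialLdapContext ctx) {
        return getEnvironmentString(ctx, "java.naming.security.credentials");
    }

    /**
     * Tells whether the context's provider URL starts with {@code ldaps}, ignoring case.
     *
     * @return {@code false} also when the URL is missing or any error occurs (logged)
     */
    public static boolean isSSL(InitialLdapContext ctx) {
        try {
            // Case-insensitive prefix test that does not depend on the default locale.
            return getLdapUrl(ctx).regionMatches(true, 0, "ldaps", 0, 5);
        } catch (Throwable th) {
            LOG.log(Level.WARNING, "Error getting if is SSL " + th, th);
            return false;
        }
    }

    /**
     * Tells whether the context carries the marker that {@link #createStartTLSContext} sets
     * after a successful StartTLS negotiation.
     *
     * <p>The marker is an ordinary environment entry: it records how the context was created
     * and is not a live check of the transport.
     */
    public static boolean isStartTLS(InitialLdapContext ctx) {
        return ServerConstants.CONFIG_VALUE_TRUE.equalsIgnoreCase(getEnvironmentString(ctx, STARTTLS_PROPERTY));
    }

    /**
     * Connects with the given credentials and reports whether the resulting connection passes
     * {@link #connectedAsAdministrativeUser}. The temporary connection is closed before returning.
     *
     * <p>NOTE(review): any URL that does not start with {@code ldap:} is opened through
     * {@link #createLdapsContext} with {@code null} trust and key managers, so the blind trust
     * fallback applies and the credentials are sent to a server whose certificate is presumably
     * not checked — confirm whether callers rely on this for first-contact probing only.
     *
     * @param ldapUrl provider URL
     * @param dn      bind principal
     * @param pwd     bind credentials
     * @return {@code true} if the bind and the probe search both succeed; {@code false} on any
     *         {@link NamingException}
     * @throws IllegalStateException wrapping any other throwable
     */
    public static boolean canConnectAsAdministrativeUser(String ldapUrl, String dn, String pwd) {
        InitialLdapContext ctx = null;
        try {
            if (ldapUrl.regionMatches(true, 0, "ldap:", 0, 5)) {
                ctx = createLdapContext(ldapUrl, dn, pwd, getDefaultLDAPTimeout(), null);
            } else {
                ctx = createLdapsContext(ldapUrl, dn, pwd, getDefaultLDAPTimeout(), null, null, null);
            }
            return connectedAsAdministrativeUser(ctx);
        } catch (NamingException e) {
            // Deliberate: a failed connect, bind or search simply means "no".
            return false;
        } catch (Throwable th) {
            throw new IllegalStateException("Unexpected throwable.", th);
        } finally {
            // The context never leaves this method; without this the authenticated
            // connection stayed open after every probe.
            closeQuietly(ctx);
        }
    }

    /**
     * Probes whether the bound identity may search the entry named by
     * {@code ConfigConstants.DN_CONFIG_ROOT} (base scope, no attributes requested).
     *
     * @return {@code true} if the search call succeeds; {@code false} on any
     *         {@link NamingException}
     * @throws IllegalStateException wrapping any other throwable
     */
    public static boolean connectedAsAdministrativeUser(InitialLdapContext ctx) {
        try {
            SearchControls controls = new SearchControls();
            controls.setCountLimit(1L);
            controls.setSearchScope(SearchControls.OBJECT_SCOPE);
            // "1.1" asks the server to return no attributes.
            controls.setReturningAttributes(new String[]{"1.1"});
            NamingEnumeration<SearchResult> results = ctx.search(ConfigConstants.DN_CONFIG_ROOT, "objectclass=*", controls);
            if (results != null) {
                try {
                    // Release the enumeration; the outcome is decided by search() itself.
                    results.close();
                } catch (NamingException e) {
                    LOG.log(Level.FINE, "Error closing probe search results", e);
                }
            }
            return true;
        } catch (NamingException e) {
            return false;
        } catch (Throwable th) {
            throw new IllegalStateException("Unexpected throwable.", th);
        }
    }

    /**
     * Runs the connection worker, waits up to {@code timeout} milliseconds, and converts what
     * the worker stored in {@code result} into a return value or exception.
     *
     * @param worker  thread whose runnable fills {@code result[0]} (context) or
     *                {@code result[1]} (failure)
     * @param result  two-slot holder shared with the worker
     * @param timeout wait in milliseconds; values below 1 run the worker body on this thread
     * @return the context produced by the worker
     * @throws NamingException       the worker's failure, or a {@link CommunicationException}
     *                               caused by a {@link ConnectException} on timeout
     * @throws IllegalStateException if the worker stored a throwable of another kind
     */
    private static InitialLdapContext getInitialLdapContext(Thread worker, Object[] result, int timeout) throws NamingException {
        // Interrupts are remembered and restored on exit rather than swallowed, without
        // cutting short the grace-period join below.
        boolean interrupted = false;
        try {
            try {
                if (timeout > 0) {
                    worker.start();
                    worker.join(timeout);
                } else {
                    worker.run();
                }
            } catch (InterruptedException e) {
                interrupted = true;
            }
            boolean timedOut = false;
            if (timeout > 0 && worker.isAlive()) {
                worker.interrupt();
                try {
                    worker.join(2000L);
                } catch (InterruptedException e) {
                    interrupted = true;
                }
                timedOut = true;
            }
            if (result[0] == null && result[1] == null) {
                timedOut = true;
            }
            if (timedOut) {
                // A worker that finished during the grace period may have produced a context
                // nobody will receive; close it. A worker still running past the grace
                // period can still leave a connection behind.
                if (!worker.isAlive() && result[0] instanceof InitialLdapContext) {
                    closeQuietly((InitialLdapContext) result[0]);
                }
                ConnectException cause = new ConnectException("Connection timed out");
                CommunicationException failure = new CommunicationException("Connection timed out");
                failure.initCause(cause);
                throw failure;
            }
            Object failure = result[1];
            if (failure instanceof NamingException) {
                throw (NamingException) failure;
            }
            if (failure instanceof RuntimeException) {
                throw (RuntimeException) failure;
            }
            if (failure instanceof Throwable) {
                throw new IllegalStateException("Unexpected throwable occurred", (Throwable) failure);
            }
            return (InitialLdapContext) result[0];
        } finally {
            if (interrupted) {
                Thread.currentThread().interrupt();
            }
        }
    }

    /** Returns the default connect timeout in milliseconds. */
    public static int getDefaultLDAPTimeout() {
        return DEFAULT_LDAP_CONNECT_TIMEOUT;
    }

    /**
     * Wraps a host name in square brackets when it contains
     * {@code ToolConstants.LIST_TABLE_SEPARATOR}.
     *
     * <p>Presumably the separator is {@code ":"} and this brackets IPv6 literals for use in a
     * URL — confirm against {@code ToolConstants}. No other validation of the host is done.
     *
     * @param host host name or address; may be {@code null}
     * @return the trimmed, bracketed host, or the argument unchanged when no separator is present
     */
    public static String getHostNameForLdapUrl(String host) {
        if (host == null || host.indexOf(ToolConstants.LIST_TABLE_SEPARATOR) == -1) {
            return host;
        }
        String bracketed = host.trim();
        if (!bracketed.startsWith("[")) {
            bracketed = "[" + bracketed;
        }
        if (!bracketed.endsWith("]")) {
            bracketed = bracketed + "]";
        }
        return bracketed;
    }

    /**
     * Builds an {@code ldap://} or {@code ldaps://} URL from host and port.
     *
     * @param host   host name or address, bracketed via {@link #getHostNameForLdapUrl}
     * @param port   port number, appended as given
     * @param useSsl {@code true} for the {@code ldaps} scheme
     */
    public static String getLDAPUrl(String host, int port, boolean useSsl) {
        String scheme = useSsl ? "ldaps://" : "ldap://";
        return scheme + getHostNameForLdapUrl(host) + ToolConstants.LIST_TABLE_SEPARATOR + port;
    }

    /**
     * Tells whether the throwable or any of its causes is an {@link SSLHandshakeException} or
     * a {@link GeneralSecurityException}.
     *
     * @param th throwable to inspect; {@code null} yields {@code false}
     */
    public static boolean isCertificateException(Throwable th) {
        for (Throwable current = th; current != null; current = current.getCause()) {
            if (current instanceof SSLHandshakeException || current instanceof GeneralSecurityException) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns the first value of the named attribute as a string.
     *
     * @return the value ({@code String.valueOf} is applied to non-string values), or
     *         {@code null} when the attribute is absent or empty
     * @throws NamingException if the attribute value cannot be read
     */
    public static String getFirstValue(SearchResult searchResult, String attrName) throws NamingException {
        Attributes attributes = searchResult.getAttributes();
        if (attributes == null) {
            return null;
        }
        Attribute attribute = attributes.get(attrName);
        if (attribute == null || attribute.size() <= 0) {
            return null;
        }
        Object value = attribute.get();
        return value instanceof String ? (String) value : String.valueOf(value);
    }

    /**
     * Returns all values of the named attribute.
     *
     * <p>Values are cast to {@code String}; a non-string value raises
     * {@link ClassCastException}, unlike {@link #getFirstValue}.
     *
     * @return a new mutable set, empty when the attribute is absent
     * @throws NamingException if an attribute value cannot be read
     */
    public static Set<String> getValues(SearchResult searchResult, String attrName) throws NamingException {
        Set<String> values = new HashSet<String>();
        Attributes attributes = searchResult.getAttributes();
        Attribute attribute = attributes != null ? attributes.get(attrName) : null;
        if (attribute != null) {
            for (int index = 0; index < attribute.size(); index++) {
                values.add((String) attribute.get(index));
            }
        }
        return values;
    }

    /** Returns a private copy of the caller's environment, or an empty table for {@code null}. */
    private static Hashtable<String, String> copyEnvironment(Hashtable<String, String> env) {
        return env != null ? new Hashtable<String, String>(env) : new Hashtable<String, String>();
    }

    /** Reads one string entry from the context environment; logs and returns {@code null} on NamingException. */
    private static String getEnvironmentString(InitialLdapContext ctx, String key) {
        try {
            return (String) ctx.getEnvironment().get(key);
        } catch (NamingException e) {
            LOG.log(Level.WARNING, "Naming exception getting environment of " + ctx, e);
            return null;
        }
    }

    /** Closes a context on a cleanup path, logging instead of propagating any failure. */
    private static void closeQuietly(InitialLdapContext ctx) {
        if (ctx == null) {
            return;
        }
        try {
            ctx.close();
        } catch (NamingException e) {
            LOG.log(Level.FINE, "Error closing LDAP context", e);
        } catch (RuntimeException e) {
            LOG.log(Level.FINE, "Error closing LDAP context", e);
        }
    }
}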
