package org.apache.sshd.server.session;

import java.io.IOException;
import java.security.KeyPair;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Timer;
import java.util.TimerTask;
import org.apache.mina.core.session.IoSession;
import org.apache.sshd.agent.AgentForwardSupport;
import org.apache.sshd.client.future.OpenFuture;
import org.apache.sshd.common.Channel;
import org.apache.sshd.common.FactoryManager;
import org.apache.sshd.common.KeyExchange;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.SshConstants;
import org.apache.sshd.common.SshException;
import org.apache.sshd.common.future.CloseFuture;
import org.apache.sshd.common.future.SshFutureListener;
import org.apache.sshd.common.session.AbstractSession;
import org.apache.sshd.common.util.Buffer;
import org.apache.sshd.server.ServerFactoryManager;
import org.apache.sshd.server.UserAuth;
import org.apache.sshd.server.channel.OpenChannelException;
import org.apache.sshd.server.x11.X11ForwardSupport;

/* loaded from: input_file:karaf.zip:apache-karaf-2.2.0-fuse-00-89/system/org/apache/sshd/sshd-core/0.5.0/sshd-core-0.5.0.jar:org/apache/sshd/server/session/ServerSession.class */
public class ServerSession extends AbstractSession {
    private Timer timer;
    private TimerTask authTimerTask;
    private State state;
    private String username;
    private int maxAuthRequests;
    private int nbAuthRequests;
    private int authTimeout;
    private boolean allowMoreSessions;
    private final TcpipForwardSupport tcpipForward;
    private final AgentForwardSupport agentForward;
    private final X11ForwardSupport x11Forward;
    private List<NamedFactory<UserAuth>> userAuthFactories;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:karaf.zip:apache-karaf-2.2.0-fuse-00-89/system/org/apache/sshd/sshd-core/0.5.0/sshd-core-0.5.0.jar:org/apache/sshd/server/session/ServerSession$State.class */
    public enum State {
        ReceiveKexInit,
        Kex,
        ReceiveNewKeys,
        WaitingUserAuth,
        UserAuth,
        Running,
        Unknown
    }

    public ServerSession(FactoryManager factoryManager, IoSession ioSession) throws Exception {
        super(factoryManager, ioSession);
        this.state = State.ReceiveKexInit;
        this.maxAuthRequests = 20;
        this.authTimeout = 600000;
        this.allowMoreSessions = true;
        this.maxAuthRequests = getIntProperty(FactoryManager.MAX_AUTH_REQUESTS, this.maxAuthRequests);
        this.authTimeout = getIntProperty(FactoryManager.AUTH_TIMEOUT, this.authTimeout);
        this.tcpipForward = new TcpipForwardSupport(this);
        this.agentForward = new AgentForwardSupport(this);
        this.x11Forward = new X11ForwardSupport(this);
        this.log.info("Session created...");
        sendServerIdentification();
        sendKexInit();
    }

    @Override // org.apache.sshd.common.session.AbstractSession, org.apache.sshd.ClientSession
    public CloseFuture close(boolean z) {
        unscheduleAuthTimer();
        this.tcpipForward.close();
        this.agentForward.close();
        this.x11Forward.close();
        return super.close(z);
    }

    public String getNegociated(int i) {
        return this.negociated[i];
    }

    public KeyExchange getKex() {
        return this.kex;
    }

    public ServerFactoryManager getServerFactoryManager() {
        return (ServerFactoryManager) this.factoryManager;
    }

    public String getUsername() {
        return this.username;
    }

    @Override // org.apache.sshd.common.session.AbstractSession
    protected void handleMessage(Buffer buffer) throws Exception {
        SshConstants.Message command = buffer.getCommand();
        this.log.debug("Received packet {}", command);
        switch (command) {
            case SSH_MSG_DISCONNECT:
                this.log.info("Received SSH_MSG_DISCONNECT (reason={}, msg={})", Integer.valueOf(buffer.getInt()), buffer.getString());
                close(true);
                return;
            case SSH_MSG_UNIMPLEMENTED:
                this.log.info("Received SSH_MSG_UNIMPLEMENTED #{}", Integer.valueOf(buffer.getInt()));
                return;
            case SSH_MSG_DEBUG:
                this.log.info("Received SSH_MSG_DEBUG (display={}) '{}'", Boolean.valueOf(buffer.getBoolean()), buffer.getString());
                return;
            case SSH_MSG_IGNORE:
                this.log.info("Received SSH_MSG_IGNORE");
                return;
            default:
                switch (this.state) {
                    case ReceiveKexInit:
                        if (command != SshConstants.Message.SSH_MSG_KEXINIT) {
                            this.log.error("Ignoring command " + command + " while waiting for " + SshConstants.Message.SSH_MSG_KEXINIT);
                            return;
                        }
                        this.log.info("Received SSH_MSG_KEXINIT");
                        receiveKexInit(buffer);
                        negociate();
                        this.kex = (KeyExchange) NamedFactory.Utils.create(this.factoryManager.getKeyExchangeFactories(), this.negociated[0]);
                        this.kex.init(this, this.serverVersion.getBytes(), this.clientVersion.getBytes(), this.I_S, this.I_C);
                        this.state = State.Kex;
                        return;
                    case Kex:
                        buffer.rpos(buffer.rpos() - 1);
                        if (this.kex.next(buffer)) {
                            sendNewKeys();
                            this.state = State.ReceiveNewKeys;
                            return;
                        }
                        return;
                    case ReceiveNewKeys:
                        if (command != SshConstants.Message.SSH_MSG_NEWKEYS) {
                            disconnect(2, "Protocol error: expected packet " + SshConstants.Message.SSH_MSG_NEWKEYS + ", got " + command);
                            return;
                        }
                        this.log.info("Received SSH_MSG_NEWKEYS");
                        receiveNewKeys(true);
                        this.state = State.WaitingUserAuth;
                        scheduleAuthTimer();
                        return;
                    case WaitingUserAuth:
                        if (command != SshConstants.Message.SSH_MSG_SERVICE_REQUEST) {
                            this.log.info("Expecting a {}, but received {}", SshConstants.Message.SSH_MSG_SERVICE_REQUEST, command);
                            notImplemented();
                            return;
                        }
                        String string = buffer.getString();
                        this.log.info("Received SSH_MSG_SERVICE_REQUEST '{}'", string);
                        if ("ssh-userauth".equals(string)) {
                            userAuth(buffer);
                            return;
                        } else {
                            disconnect(7, "Bad service request: " + string);
                            return;
                        }
                    case UserAuth:
                        if (command != SshConstants.Message.SSH_MSG_USERAUTH_REQUEST) {
                            disconnect(2, "Protocol error: expected packet " + SshConstants.Message.SSH_MSG_USERAUTH_REQUEST + ", got " + command);
                            return;
                        } else {
                            this.log.info("Received SSH_MSG_USERAUTH_REQUEST");
                            userAuth(buffer);
                            return;
                        }
                    case Running:
                        switch (command) {
                            case SSH_MSG_SERVICE_REQUEST:
                                serviceRequest(buffer);
                                return;
                            case SSH_MSG_CHANNEL_OPEN:
                                channelOpen(buffer);
                                return;
                            case SSH_MSG_CHANNEL_OPEN_CONFIRMATION:
                                channelOpenConfirmation(buffer);
                                return;
                            case SSH_MSG_CHANNEL_OPEN_FAILURE:
                                channelOpenFailure(buffer);
                                return;
                            case SSH_MSG_CHANNEL_REQUEST:
                                channelRequest(buffer);
                                return;
                            case SSH_MSG_CHANNEL_DATA:
                                channelData(buffer);
                                return;
                            case SSH_MSG_CHANNEL_EXTENDED_DATA:
                                channelExtendedData(buffer);
                                return;
                            case SSH_MSG_CHANNEL_WINDOW_ADJUST:
                                channelWindowAdjust(buffer);
                                return;
                            case SSH_MSG_CHANNEL_EOF:
                                channelEof(buffer);
                                return;
                            case SSH_MSG_CHANNEL_CLOSE:
                                channelClose(buffer);
                                return;
                            case SSH_MSG_GLOBAL_REQUEST:
                                globalRequest(buffer);
                                return;
                            case SSH_MSG_KEXINIT:
                                receiveKexInit(buffer);
                                sendKexInit();
                                negociate();
                                this.kex = (KeyExchange) NamedFactory.Utils.create(this.factoryManager.getKeyExchangeFactories(), this.negociated[0]);
                                this.kex.init(this, this.serverVersion.getBytes(), this.clientVersion.getBytes(), this.I_S, this.I_C);
                                return;
                            case SSH_MSG_KEXDH_INIT:
                                buffer.rpos(buffer.rpos() - 1);
                                if (this.kex.next(buffer)) {
                                    sendNewKeys();
                                    return;
                                }
                                return;
                            case SSH_MSG_NEWKEYS:
                                receiveNewKeys(true);
                                return;
                            default:
                                throw new IllegalStateException("Unsupported command: " + command);
                        }
                    default:
                        throw new IllegalStateException("Unsupported state: " + this.state);
                }
        }
    }

    private void scheduleAuthTimer() {
        this.authTimerTask = new TimerTask() { // from class: org.apache.sshd.server.session.ServerSession.1
            @Override // java.util.TimerTask, java.lang.Runnable
            public void run() {
                try {
                    ServerSession.this.processAuthTimer();
                } catch (IOException e) {
                }
            }
        };
        this.timer = new Timer(true);
        this.timer.schedule(this.authTimerTask, this.authTimeout);
    }

    private void unscheduleAuthTimer() {
        if (this.authTimerTask != null) {
            this.authTimerTask.cancel();
            this.authTimerTask = null;
        }
        if (this.timer != null) {
            this.timer.cancel();
            this.timer = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void processAuthTimer() throws IOException {
        if (this.authed) {
            return;
        }
        disconnect(2, "User authentication has timed out");
    }

    private void sendServerIdentification() {
        if (getFactoryManager().getProperties() == null || getFactoryManager().getProperties().get(ServerFactoryManager.SERVER_IDENTIFICATION) == null) {
            this.serverVersion = "SSH-2.0-" + getFactoryManager().getVersion();
        } else {
            this.serverVersion = "SSH-2.0-" + getFactoryManager().getProperties().get(ServerFactoryManager.SERVER_IDENTIFICATION);
        }
        sendIdentification(this.serverVersion);
    }

    private void sendKexInit() throws IOException {
        this.serverProposal = createProposal(this.factoryManager.getKeyPairProvider().getKeyTypes());
        this.I_S = sendKexInit(this.serverProposal);
    }

    @Override // org.apache.sshd.common.session.AbstractSession
    protected boolean readIdentification(Buffer buffer) throws IOException {
        this.clientVersion = doReadIdentification(buffer);
        if (this.clientVersion == null) {
            return false;
        }
        this.log.info("Client version string: {}", this.clientVersion);
        if (this.clientVersion.startsWith("SSH-2.0-")) {
            return true;
        }
        throw new SshException(8, "Unsupported protocol version: " + this.clientVersion);
    }

    private void receiveKexInit(Buffer buffer) throws IOException {
        this.clientProposal = new String[10];
        this.I_C = receiveKexInit(buffer, this.clientProposal);
    }

    private void serviceRequest(Buffer buffer) throws Exception {
        String string = buffer.getString();
        this.log.info("Received SSH_MSG_SERVICE_REQUEST '{}'", string);
        disconnect(7, "Unsupported service request: " + string);
    }

    private void userAuth(Buffer buffer) throws Exception {
        String str;
        if (this.state == State.WaitingUserAuth) {
            this.log.info("Accepting user authentication request");
            Buffer createBuffer = createBuffer(SshConstants.Message.SSH_MSG_SERVICE_ACCEPT, 0);
            createBuffer.putString("ssh-userauth");
            writePacket(createBuffer);
            this.userAuthFactories = new ArrayList(getServerFactoryManager().getUserAuthFactories());
            this.log.info("Authorized authentication methods: {}", NamedFactory.Utils.getNames(this.userAuthFactories));
            this.state = State.UserAuth;
            return;
        }
        int i = this.nbAuthRequests;
        this.nbAuthRequests = i + 1;
        if (i > this.maxAuthRequests) {
            throw new SshException(2, "Too may authentication failures");
        }
        String string = buffer.getString();
        buffer.getString();
        String string2 = buffer.getString();
        this.log.info("Authenticating user '{}' with method '{}'", string, string2);
        Boolean bool = null;
        NamedFactory namedFactory = NamedFactory.Utils.get(this.userAuthFactories, string2);
        if (namedFactory != null) {
            try {
                bool = ((UserAuth) namedFactory.create()).auth(this, string, buffer);
                if (bool == null) {
                    this.log.info("Authentication not finished");
                    return;
                }
                this.log.info(bool.booleanValue() ? "Authentication succeeded" : "Authentication failed");
            } catch (Exception e) {
                bool = false;
                this.log.info("Authentication failed: {}", e.getMessage());
            }
        } else {
            this.log.info("Unsupported authentication method '{}'", string2);
        }
        if (bool == null || !bool.booleanValue()) {
            Buffer createBuffer2 = createBuffer(SshConstants.Message.SSH_MSG_USERAUTH_FAILURE, 0);
            NamedFactory.Utils.remove(this.userAuthFactories, "none");
            createBuffer2.putString(NamedFactory.Utils.getNames(this.userAuthFactories));
            createBuffer2.putByte((byte) 0);
            writePacket(createBuffer2);
            return;
        }
        if (getFactoryManager().getProperties() != null && (str = getFactoryManager().getProperties().get(ServerFactoryManager.MAX_CONCURRENT_SESSIONS)) != null) {
            if (getActiveSessionCountForUser(string) >= Integer.parseInt(str)) {
                disconnect(7, "Too many concurrent connections");
                return;
            }
        }
        writePacket(createBuffer(SshConstants.Message.SSH_MSG_USERAUTH_SUCCESS, 0));
        this.state = State.Running;
        this.authed = true;
        this.username = string;
        unscheduleAuthTimer();
    }

    public KeyPair getHostKey() {
        return this.factoryManager.getKeyPairProvider().loadKey(this.negociated[1]);
    }

    protected int getActiveSessionCountForUser(String str) {
        int i = 0;
        Iterator<IoSession> it = this.ioSession.getService().getManagedSessions().values().iterator();
        while (it.hasNext()) {
            ServerSession serverSession = (ServerSession) getSession(it.next(), true);
            if (serverSession != null && serverSession.getUsername() != null && serverSession.getUsername().equals(str)) {
                i++;
            }
        }
        return i;
    }

    private void channelOpen(Buffer buffer) throws Exception {
        String string = buffer.getString();
        final int i = buffer.getInt();
        int i2 = buffer.getInt();
        int i3 = buffer.getInt();
        this.log.info("Received SSH_MSG_CHANNEL_OPEN {}", string);
        if (this.closing) {
            Buffer createBuffer = createBuffer(SshConstants.Message.SSH_MSG_CHANNEL_OPEN_FAILURE, 0);
            createBuffer.putInt(i);
            createBuffer.putInt(2L);
            createBuffer.putString("SSH server is shutting down: " + string);
            createBuffer.putString("");
            writePacket(createBuffer);
            return;
        }
        if (!this.allowMoreSessions) {
            Buffer createBuffer2 = createBuffer(SshConstants.Message.SSH_MSG_CHANNEL_OPEN_FAILURE, 0);
            createBuffer2.putInt(i);
            createBuffer2.putInt(2L);
            createBuffer2.putString("additional sessions disabled");
            createBuffer2.putString("");
            writePacket(createBuffer2);
            return;
        }
        final Channel channel = (Channel) NamedFactory.Utils.create(getServerFactoryManager().getChannelFactories(), string);
        if (channel != null) {
            final int nextChannelId = getNextChannelId();
            this.channels.put(Integer.valueOf(nextChannelId), channel);
            channel.init(this, nextChannelId);
            channel.open(i, i2, i3, buffer).addListener(new SshFutureListener<OpenFuture>() { // from class: org.apache.sshd.server.session.ServerSession.2
                @Override // org.apache.sshd.common.future.SshFutureListener
                public void operationComplete(OpenFuture openFuture) {
                    try {
                        if (openFuture.isOpened()) {
                            Buffer createBuffer3 = ServerSession.this.createBuffer(SshConstants.Message.SSH_MSG_CHANNEL_OPEN_CONFIRMATION, 0);
                            createBuffer3.putInt(i);
                            createBuffer3.putInt(nextChannelId);
                            createBuffer3.putInt(channel.getLocalWindow().getSize());
                            createBuffer3.putInt(channel.getLocalWindow().getPacketSize());
                            ServerSession.this.writePacket(createBuffer3);
                        } else if (openFuture.getException() != null) {
                            Buffer createBuffer4 = ServerSession.this.createBuffer(SshConstants.Message.SSH_MSG_CHANNEL_OPEN_FAILURE, 0);
                            createBuffer4.putInt(i);
                            if (openFuture.getException() instanceof OpenChannelException) {
                                createBuffer4.putInt(((OpenChannelException) openFuture.getException()).getReasonCode());
                                createBuffer4.putString(openFuture.getException().getMessage());
                            } else {
                                createBuffer4.putInt(0L);
                                createBuffer4.putString("Error opening channel: " + openFuture.getException().getMessage());
                            }
                            createBuffer4.putString("");
                            ServerSession.this.writePacket(createBuffer4);
                        }
                    } catch (IOException e) {
                        ServerSession.this.exceptionCaught(e);
                    }
                }
            });
            return;
        }
        Buffer createBuffer3 = createBuffer(SshConstants.Message.SSH_MSG_CHANNEL_OPEN_FAILURE, 0);
        createBuffer3.putInt(i);
        createBuffer3.putInt(3L);
        createBuffer3.putString("Unsupported channel type: " + string);
        createBuffer3.putString("");
        writePacket(createBuffer3);
    }

    private void globalRequest(Buffer buffer) throws Exception {
        String string = buffer.getString();
        boolean z = buffer.getBoolean();
        if (!string.equals("keepalive@openssh.com")) {
            if (string.equals("no-more-sessions@openssh.com")) {
                this.allowMoreSessions = false;
            } else if (string.equals("tcpip-forward")) {
                this.tcpipForward.request(buffer, z);
                return;
            } else if (string.equals("cancel-tcpip-forward")) {
                this.tcpipForward.cancel(buffer, z);
                return;
            } else {
                this.log.info("Received SSH_MSG_GLOBAL_REQUEST {}", string);
                this.log.error("Unknown global request: {}", string);
            }
        }
        if (z) {
            writePacket(createBuffer(SshConstants.Message.SSH_MSG_REQUEST_FAILURE, 0));
        }
    }

    public String initAgentForward() throws IOException {
        return this.agentForward.initialize();
    }

    public String createX11Display(boolean z, String str, String str2, int i) throws IOException {
        return this.x11Forward.createDisplay(z, str, str2, i);
    }
}
