package org.jivesoftware.openfire.http;

import java.io.File;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import javax.net.ssl.SSLContext;
import org.apache.commons.logging.LogFactory;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.net.SSLConfig;
import org.jivesoftware.util.CertificateEventListener;
import org.jivesoftware.util.CertificateManager;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.Log;
import org.jivesoftware.util.PropertyEventDispatcher;
import org.jivesoftware.util.PropertyEventListener;
import org.logicalcobwebs.proxool.ProxoolConstants;
import org.mortbay.jetty.Connector;
import org.mortbay.jetty.Handler;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.handler.ContextHandler;
import org.mortbay.jetty.handler.ContextHandlerCollection;
import org.mortbay.jetty.handler.DefaultHandler;
import org.mortbay.jetty.nio.SelectChannelConnector;
import org.mortbay.jetty.security.SslSelectChannelConnector;
import org.mortbay.jetty.servlet.ServletHandler;
import org.mortbay.jetty.webapp.WebAppContext;

/* loaded from: input_file:org/jivesoftware/openfire/http/HttpBindManager.class */
public final class HttpBindManager {
    public static final String HTTP_BIND_ENABLED = "httpbind.enabled";
    public static final boolean HTTP_BIND_ENABLED_DEFAULT = true;
    public static final String HTTP_BIND_PORT = "httpbind.port.plain";
    public static final int HTTP_BIND_PORT_DEFAULT = 7070;
    public static final String HTTP_BIND_SECURE_PORT = "httpbind.port.secure";
    public static final int HTTP_BIND_SECURE_PORT_DEFAULT = 7443;
    private static HttpBindManager instance = new HttpBindManager();
    private Server httpBindServer;
    private int bindPort;
    private int bindSecurePort;
    private Connector httpConnector;
    private Connector httpsConnector;
    private CertificateListener certificateListener;
    private HttpSessionManager httpSessionManager;
    private ContextHandlerCollection contexts;

    /* loaded from: input_file:org/jivesoftware/openfire/http/HttpBindManager$CertificateListener.class */
    private class CertificateListener implements CertificateEventListener {
        private CertificateListener() {
        }

        @Override // org.jivesoftware.util.CertificateEventListener
        public void certificateCreated(KeyStore keyStore, String str, X509Certificate x509Certificate) {
            if ("RSA".equals(x509Certificate.getPublicKey().getAlgorithm())) {
                HttpBindManager.this.restartServer();
            }
        }

        @Override // org.jivesoftware.util.CertificateEventListener
        public void certificateDeleted(KeyStore keyStore, String str) {
            HttpBindManager.this.restartServer();
        }

        @Override // org.jivesoftware.util.CertificateEventListener
        public void certificateSigned(KeyStore keyStore, String str, List<X509Certificate> list) {
            if ("RSA".equals(list.get(0).getPublicKey().getAlgorithm())) {
                HttpBindManager.this.restartServer();
            }
        }
    }

    /* loaded from: input_file:org/jivesoftware/openfire/http/HttpBindManager$HttpServerPropertyListener.class */
    private class HttpServerPropertyListener implements PropertyEventListener {
        private HttpServerPropertyListener() {
        }

        @Override // org.jivesoftware.util.PropertyEventListener
        public void propertySet(String str, Map map) {
            if (str.equalsIgnoreCase(HttpBindManager.HTTP_BIND_ENABLED)) {
                HttpBindManager.this.doEnableHttpBind(Boolean.valueOf(map.get("value").toString()).booleanValue());
                return;
            }
            if (str.equalsIgnoreCase(HttpBindManager.HTTP_BIND_PORT)) {
                try {
                    HttpBindManager.this.setUnsecureHttpBindPort(Integer.valueOf(map.get("value").toString()).intValue());
                    return;
                } catch (NumberFormatException e) {
                    JiveGlobals.deleteProperty(HttpBindManager.HTTP_BIND_PORT);
                    return;
                }
            }
            if (str.equalsIgnoreCase(HttpBindManager.HTTP_BIND_SECURE_PORT)) {
                try {
                    HttpBindManager.this.setSecureHttpBindPort(Integer.valueOf(map.get("value").toString()).intValue());
                } catch (NumberFormatException e2) {
                    JiveGlobals.deleteProperty(HttpBindManager.HTTP_BIND_SECURE_PORT);
                }
            }
        }

        @Override // org.jivesoftware.util.PropertyEventListener
        public void propertyDeleted(String str, Map map) {
            if (str.equalsIgnoreCase(HttpBindManager.HTTP_BIND_ENABLED)) {
                HttpBindManager.this.doEnableHttpBind(true);
            } else if (str.equalsIgnoreCase(HttpBindManager.HTTP_BIND_PORT)) {
                HttpBindManager.this.setUnsecureHttpBindPort(HttpBindManager.HTTP_BIND_PORT_DEFAULT);
            } else if (str.equalsIgnoreCase(HttpBindManager.HTTP_BIND_SECURE_PORT)) {
                HttpBindManager.this.setSecureHttpBindPort(HttpBindManager.HTTP_BIND_SECURE_PORT_DEFAULT);
            }
        }

        @Override // org.jivesoftware.util.PropertyEventListener
        public void xmlPropertySet(String str, Map map) {
        }

        @Override // org.jivesoftware.util.PropertyEventListener
        public void xmlPropertyDeleted(String str, Map map) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/jivesoftware/openfire/http/HttpBindManager$JiveSslConnector.class */
    public class JiveSslConnector extends SslSelectChannelConnector {
        private JiveSslConnector() {
        }

        @Override // org.mortbay.jetty.security.SslSelectChannelConnector
        protected SSLContext createSSLContext() throws Exception {
            return SSLConfig.getc2sSSLContext();
        }
    }

    public static HttpBindManager getInstance() {
        return instance;
    }

    private HttpBindManager() {
        System.setProperty("org.mortbay.log.class", "org.jivesoftware.util.log.util.JettyLog");
        System.setProperty(LogFactory.FACTORY_PROPERTY, "org.jivesoftware.util.log.util.CommonsLogFactory");
        PropertyEventDispatcher.addListener(new HttpServerPropertyListener());
        this.httpSessionManager = new HttpSessionManager();
        this.contexts = new ContextHandlerCollection();
    }

    public void start() {
        this.certificateListener = new CertificateListener();
        CertificateManager.addListener(this.certificateListener);
        if (isHttpBindServiceEnabled()) {
            this.bindPort = getHttpBindUnsecurePort();
            this.bindSecurePort = getHttpBindSecurePort();
            configureHttpBindServer(this.bindPort, this.bindSecurePort);
            try {
                this.httpBindServer.start();
            } catch (Exception e) {
                Log.error("Error starting HTTP bind service", e);
            }
        }
    }

    public void stop() {
        CertificateManager.removeListener(this.certificateListener);
        if (this.httpBindServer != null) {
            try {
                this.httpBindServer.stop();
            } catch (Exception e) {
                Log.error("Error stoping HTTP bind service", e);
            }
        }
    }

    public HttpSessionManager getSessionManager() {
        return this.httpSessionManager;
    }

    private boolean isHttpBindServiceEnabled() {
        return JiveGlobals.getBooleanProperty(HTTP_BIND_ENABLED, true);
    }

    private void createConnector(int i) {
        this.httpConnector = null;
        if (i > 0) {
            SelectChannelConnector selectChannelConnector = new SelectChannelConnector();
            selectChannelConnector.setHost(getBindInterface());
            selectChannelConnector.setPort(i);
            this.httpConnector = selectChannelConnector;
        }
    }

    private void createSSLConnector(int i) {
        this.httpsConnector = null;
        if (i > 0) {
            try {
                if (CertificateManager.isRSACertificate(SSLConfig.getKeyStore(), "*")) {
                    if (!CertificateManager.isRSACertificate(SSLConfig.getKeyStore(), XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                        Log.warn("HTTP binding: Using RSA certificates but they are not valid for the hosted domain");
                    }
                    JiveSslConnector jiveSslConnector = new JiveSslConnector();
                    jiveSslConnector.setHost(getBindInterface());
                    jiveSslConnector.setPort(i);
                    jiveSslConnector.setTrustPassword(SSLConfig.getc2sTrustPassword());
                    jiveSslConnector.setTruststoreType(SSLConfig.getStoreType());
                    jiveSslConnector.setTruststore(SSLConfig.getc2sTruststoreLocation());
                    String property = JiveGlobals.getProperty("xmpp.client.cert.policy", "disabled");
                    if (property.equals("needed")) {
                        jiveSslConnector.setNeedClientAuth(true);
                        jiveSslConnector.setWantClientAuth(true);
                    } else if (property.equals("wanted")) {
                        jiveSslConnector.setNeedClientAuth(false);
                        jiveSslConnector.setWantClientAuth(true);
                    } else {
                        jiveSslConnector.setNeedClientAuth(false);
                        jiveSslConnector.setWantClientAuth(false);
                    }
                    jiveSslConnector.setKeyPassword(SSLConfig.getKeyPassword());
                    jiveSslConnector.setKeystoreType(SSLConfig.getStoreType());
                    jiveSslConnector.setKeystore(SSLConfig.getKeystoreLocation());
                    this.httpsConnector = jiveSslConnector;
                }
            } catch (Exception e) {
                Log.error("Error creating SSL connector for Http bind", e);
            }
        }
    }

    private String getBindInterface() {
        String xMLProperty = JiveGlobals.getXMLProperty("network.interface");
        String str = null;
        if (xMLProperty != null && xMLProperty.trim().length() > 0) {
            str = xMLProperty;
        }
        return str;
    }

    public boolean isHttpBindEnabled() {
        return this.httpBindServer != null && this.httpBindServer.isRunning();
    }

    public boolean isHttpBindActive() {
        return this.httpConnector != null && this.httpConnector.isRunning();
    }

    public boolean isHttpsBindActive() {
        return this.httpsConnector != null && this.httpsConnector.isRunning();
    }

    public String getHttpBindUnsecureAddress() {
        return "http://" + XMPPServer.getInstance().getServerInfo().getXMPPDomain() + ProxoolConstants.URL_DELIMITER + this.bindPort + "/http-bind/";
    }

    public String getHttpBindSecureAddress() {
        return "https://" + XMPPServer.getInstance().getServerInfo().getXMPPDomain() + ProxoolConstants.URL_DELIMITER + this.bindSecurePort + "/http-bind/";
    }

    public String getJavaScriptUrl() {
        return "http://" + XMPPServer.getInstance().getServerInfo().getXMPPDomain() + ProxoolConstants.URL_DELIMITER + this.bindPort + "/scripts/";
    }

    public void setHttpBindEnabled(boolean z) {
        JiveGlobals.setProperty(HTTP_BIND_ENABLED, String.valueOf(z));
    }

    public void setHttpBindPorts(int i, int i2) throws Exception {
        changeHttpBindPorts(i, i2);
        this.bindPort = i;
        this.bindSecurePort = i2;
        if (i != 7070) {
            JiveGlobals.setProperty(HTTP_BIND_PORT, String.valueOf(i));
        } else {
            JiveGlobals.deleteProperty(HTTP_BIND_PORT);
        }
        if (i2 != 7443) {
            JiveGlobals.setProperty(HTTP_BIND_SECURE_PORT, String.valueOf(i2));
        } else {
            JiveGlobals.deleteProperty(HTTP_BIND_SECURE_PORT);
        }
    }

    private synchronized void changeHttpBindPorts(int i, int i2) throws Exception {
        if (i < 0 && i2 < 0) {
            throw new IllegalArgumentException("At least one port must be greater than zero.");
        }
        if (i == i2) {
            throw new IllegalArgumentException("Ports must be distinct.");
        }
        if (this.httpBindServer != null) {
            try {
                this.httpBindServer.stop();
            } catch (Exception e) {
                Log.error("Error stopping http bind server", e);
            }
        }
        configureHttpBindServer(i, i2);
        this.httpBindServer.start();
    }

    private synchronized void configureHttpBindServer(int i, int i2) {
        this.httpBindServer = new Server();
        createConnector(i);
        createSSLConnector(i2);
        if (this.httpConnector == null && this.httpsConnector == null) {
            this.httpBindServer = null;
            return;
        }
        if (this.httpConnector != null) {
            this.httpBindServer.addConnector(this.httpConnector);
        }
        if (this.httpsConnector != null) {
            this.httpBindServer.addConnector(this.httpsConnector);
        }
        createBoshHandler(this.contexts, "/http-bind");
        createCrossDomainHandler(this.contexts, "/");
        loadStaticDirectory(this.contexts);
        this.httpBindServer.setHandlers(new Handler[]{this.contexts, new DefaultHandler()});
    }

    private void createBoshHandler(ContextHandlerCollection contextHandlerCollection, String str) {
        ServletHandler servletHandler = new ServletHandler();
        servletHandler.addServletWithMapping(HttpBindServlet.class, "/");
        new ContextHandler(contextHandlerCollection, str).setHandler(servletHandler);
    }

    private void createCrossDomainHandler(ContextHandlerCollection contextHandlerCollection, String str) {
        ServletHandler servletHandler = new ServletHandler();
        servletHandler.addServletWithMapping(FlashCrossDomainServlet.class, "/crossdomain.xml");
        new ContextHandler(contextHandlerCollection, str).setHandler(servletHandler);
    }

    private void loadStaticDirectory(ContextHandlerCollection contextHandlerCollection) {
        File file = new File(JiveGlobals.getHomeDirectory() + File.separator + "resources" + File.separator + "spank");
        if (file.exists()) {
            if (file.canRead()) {
                new WebAppContext(contextHandlerCollection, file.getPath(), "/").setWelcomeFiles(new String[]{"index.html"});
            } else {
                Log.warn("Openfire cannot read the directory: " + file);
            }
        }
    }

    public ContextHandlerCollection getContexts() {
        return this.contexts;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doEnableHttpBind(boolean z) {
        if (z && this.httpBindServer == null) {
            try {
                changeHttpBindPorts(JiveGlobals.getIntProperty(HTTP_BIND_PORT, HTTP_BIND_PORT_DEFAULT), JiveGlobals.getIntProperty(HTTP_BIND_SECURE_PORT, HTTP_BIND_SECURE_PORT_DEFAULT));
                return;
            } catch (Exception e) {
                Log.error("Error configuring HTTP binding ports", e);
                return;
            }
        }
        if (z || this.httpBindServer == null) {
            return;
        }
        try {
            this.httpBindServer.stop();
        } catch (Exception e2) {
            Log.error("Error stopping HTTP bind service", e2);
        }
        this.httpBindServer = null;
    }

    public int getHttpBindUnsecurePort() {
        return JiveGlobals.getIntProperty(HTTP_BIND_PORT, HTTP_BIND_PORT_DEFAULT);
    }

    public int getHttpBindSecurePort() {
        return JiveGlobals.getIntProperty(HTTP_BIND_SECURE_PORT, HTTP_BIND_SECURE_PORT_DEFAULT);
    }

    public boolean isScriptSyntaxEnabled() {
        return JiveGlobals.getBooleanProperty("xmpp.httpbind.scriptSyntax.enabled", false);
    }

    public void setScriptSyntaxEnabled(boolean z) {
        if (z) {
            JiveGlobals.setProperty("xmpp.httpbind.scriptSyntax.enabled", String.valueOf(z));
        } else {
            JiveGlobals.deleteProperty("xmpp.httpbind.scriptSyntax.enabled");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setUnsecureHttpBindPort(int i) {
        if (i == this.bindPort) {
            return;
        }
        try {
            changeHttpBindPorts(i, JiveGlobals.getIntProperty(HTTP_BIND_SECURE_PORT, HTTP_BIND_SECURE_PORT_DEFAULT));
            this.bindPort = i;
        } catch (Exception e) {
            Log.error("Error setting HTTP bind ports", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setSecureHttpBindPort(int i) {
        if (i == this.bindSecurePort) {
            return;
        }
        try {
            changeHttpBindPorts(JiveGlobals.getIntProperty(HTTP_BIND_PORT, HTTP_BIND_PORT_DEFAULT), i);
            this.bindSecurePort = i;
        } catch (Exception e) {
            Log.error("Error setting HTTP bind ports", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void restartServer() {
        if (this.httpBindServer != null) {
            try {
                this.httpBindServer.stop();
            } catch (Exception e) {
                Log.error("Error stopping http bind server", e);
            }
            configureHttpBindServer(getHttpBindUnsecurePort(), getHttpBindSecurePort());
        }
    }
}
