package org.jboss.remoting3.remote;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.nio.BufferOverflowException;
import java.nio.BufferUnderflowException;
import java.nio.ByteBuffer;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.atomic.AtomicInteger;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import javax.security.sasl.SaslServerFactory;
import org.jboss.remoting3.security.ServerAuthenticationProvider;
import org.jboss.remoting3.spi.ConnectionHandler;
import org.jboss.remoting3.spi.ConnectionHandlerContext;
import org.jboss.remoting3.spi.ConnectionHandlerFactory;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.xnio.Buffers;
import org.xnio.ChannelListener;
import org.xnio.OptionMap;
import org.xnio.Pooled;
import org.xnio.channels.ConnectedMessageChannel;
import org.xnio.sasl.SaslUtils;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/jboss/remoting3/remote/ServerConnectionOpenListener.class */
public final class ServerConnectionOpenListener implements ChannelListener<ConnectedMessageChannel> {
    private final RemoteConnection connection;
    private final ConnectionProviderContext connectionProviderContext;
    private final ServerAuthenticationProvider serverAuthenticationProvider;
    private final OptionMap optionMap;
    private final AccessControlContext accessControlContext;
    private final AtomicInteger retryCount = new AtomicInteger(8);
    private final String serverName;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/jboss/remoting3/remote/ServerConnectionOpenListener$Authentication.class */
    public final class Authentication implements ChannelListener<ConnectedMessageChannel> {
        private final SaslServer saslServer;
        private final String remoteEndpointName;

        Authentication(SaslServer saslServer, String str) {
            this.saslServer = saslServer;
            this.remoteEndpointName = str;
        }

        public void handleEvent(ConnectedMessageChannel connectedMessageChannel) {
            Pooled<ByteBuffer> allocate = ServerConnectionOpenListener.this.connection.allocate();
            try {
                try {
                    try {
                        final ByteBuffer byteBuffer = (ByteBuffer) allocate.getResource();
                        try {
                            int receive = connectedMessageChannel.receive(byteBuffer);
                            if (receive == -1) {
                                RemoteLogger.log.trace("Received connection end-of-stream");
                                ServerConnectionOpenListener.this.connection.handlePreAuthCloseRequest();
                                allocate.free();
                                return;
                            }
                            if (receive == 0) {
                                allocate.free();
                                return;
                            }
                            RemoteLogger.server.tracef("Received %s", byteBuffer);
                            byteBuffer.flip();
                            byte b = byteBuffer.get();
                            switch (b) {
                                case -1:
                                    RemoteLogger.server.trace("Server received connection close request");
                                    ServerConnectionOpenListener.this.connection.handlePreAuthCloseRequest();
                                    allocate.free();
                                    return;
                                case 1:
                                    RemoteLogger.server.trace("Server received capabilities request (cancelling authentication)");
                                    Initial initial = new Initial();
                                    ServerConnectionOpenListener.this.connection.setReadListener(initial);
                                    initial.sendCapabilities();
                                    allocate.free();
                                    return;
                                case 4:
                                    RemoteLogger.server.tracef("Server received authentication response", new Object[0]);
                                    ServerConnectionOpenListener.this.connection.getChannel().suspendReads();
                                    ServerConnectionOpenListener.this.connection.getExecutor().execute(new Runnable() { // from class: org.jboss.remoting3.remote.ServerConnectionOpenListener.Authentication.1
                                        @Override // java.lang.Runnable
                                        public void run() {
                                            boolean z = false;
                                            Pooled<ByteBuffer> allocate2 = ServerConnectionOpenListener.this.connection.allocate();
                                            try {
                                                ByteBuffer byteBuffer2 = (ByteBuffer) allocate2.getResource();
                                                int position = byteBuffer2.position();
                                                try {
                                                    byteBuffer2.put((byte) 5);
                                                    if (SaslUtils.evaluateResponse(Authentication.this.saslServer, byteBuffer2, byteBuffer)) {
                                                        RemoteLogger.server.tracef("Server sending authentication complete", new Object[0]);
                                                        ServerConnectionOpenListener.this.connectionProviderContext.accept(new ConnectionHandlerFactory() { // from class: org.jboss.remoting3.remote.ServerConnectionOpenListener.Authentication.1.1
                                                            @Override // org.jboss.remoting3.spi.ConnectionHandlerFactory
                                                            public ConnectionHandler createInstance(ConnectionHandlerContext connectionHandlerContext) {
                                                                RemoteConnectionHandler remoteConnectionHandler = new RemoteConnectionHandler(connectionHandlerContext, ServerConnectionOpenListener.this.connection, Authentication.this.saslServer.getAuthorizationID(), Authentication.this.remoteEndpointName);
                                                                ServerConnectionOpenListener.this.connection.setReadListener(new RemoteReadListener(remoteConnectionHandler, ServerConnectionOpenListener.this.connection));
                                                                return remoteConnectionHandler;
                                                            }
                                                        });
                                                    } else {
                                                        RemoteLogger.server.tracef("Server sending authentication challenge", new Object[0]);
                                                        byteBuffer2.put(position, (byte) 3);
                                                    }
                                                } catch (SaslException e) {
                                                    RemoteLogger.server.tracef("Server sending authentication rejected (%s)", e);
                                                    byteBuffer2.put(position, (byte) 6);
                                                    ServerConnectionOpenListener.this.connection.setReadListener(new Initial());
                                                }
                                                byteBuffer2.flip();
                                                ServerConnectionOpenListener.this.connection.send(allocate2, false);
                                                ServerConnectionOpenListener.this.connection.getChannel().resumeReads();
                                                z = true;
                                                if (1 == 0) {
                                                    allocate2.free();
                                                }
                                            } catch (Throwable th) {
                                                if (!z) {
                                                    allocate2.free();
                                                }
                                                throw th;
                                            }
                                        }
                                    });
                                    allocate.free();
                                    return;
                                default:
                                    RemoteLogger.server.unknownProtocolId(b);
                                    ServerConnectionOpenListener.this.connection.handleException(RemoteLogger.log.invalidMessage(ServerConnectionOpenListener.this.connection));
                                    allocate.free();
                                    return;
                            }
                        } catch (IOException e) {
                            ServerConnectionOpenListener.this.connection.handleException(e);
                            allocate.free();
                        }
                    } catch (BufferOverflowException e2) {
                        ServerConnectionOpenListener.this.connection.handleException(RemoteLogger.log.invalidMessage(ServerConnectionOpenListener.this.connection));
                        allocate.free();
                    }
                } catch (BufferUnderflowException e3) {
                    ServerConnectionOpenListener.this.connection.handleException(RemoteLogger.log.invalidMessage(ServerConnectionOpenListener.this.connection));
                    allocate.free();
                }
            } catch (Throwable th) {
                allocate.free();
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/jboss/remoting3/remote/ServerConnectionOpenListener$Initial.class */
    public final class Initial implements ChannelListener<ConnectedMessageChannel> {
        private final int version = 0;
        private final boolean starttls;
        private final Map<String, ?> propertyMap;
        private final Map<String, SaslServerFactory> allowedMechanisms;
        private String remoteEndpointName;

        /* JADX WARN: Code restructure failed: missing block: B:57:0x00a4, code lost:
        
            if (r13.contains("EXTERNAL") != false) goto L21;
         */
        /* JADX WARN: Removed duplicated region for block: B:27:0x0112  */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        Initial() {
            /*
                Method dump skipped, instructions count: 463
                To view this dump add '--comments-level debug' option
            */
            throw new UnsupportedOperationException("Method not decompiled: org.jboss.remoting3.remote.ServerConnectionOpenListener.Initial.<init>(org.jboss.remoting3.remote.ServerConnectionOpenListener):void");
        }

        public void handleEvent(ConnectedMessageChannel connectedMessageChannel) {
            Pooled<ByteBuffer> allocate = ServerConnectionOpenListener.this.connection.allocate();
            try {
                try {
                    try {
                        ByteBuffer byteBuffer = (ByteBuffer) allocate.getResource();
                        try {
                            int receive = connectedMessageChannel.receive(byteBuffer);
                            if (receive == 0) {
                                allocate.free();
                                return;
                            }
                            if (receive == -1) {
                                RemoteLogger.log.trace("Received connection end-of-stream");
                                ServerConnectionOpenListener.this.connection.handlePreAuthCloseRequest();
                                allocate.free();
                                return;
                            }
                            byteBuffer.flip();
                            byte b = byteBuffer.get();
                            switch (b) {
                                case -16:
                                    RemoteLogger.server.trace("Server received connection alive");
                                    allocate.free();
                                    return;
                                case -1:
                                    RemoteLogger.server.trace("Server received connection close request");
                                    ServerConnectionOpenListener.this.connection.handlePreAuthCloseRequest();
                                    allocate.free();
                                    return;
                                case 1:
                                    RemoteLogger.server.trace("Server received capabilities request");
                                    while (byteBuffer.hasRemaining()) {
                                        byte b2 = byteBuffer.get();
                                        ByteBuffer slice = Buffers.slice(byteBuffer, byteBuffer.get() & 255);
                                        switch (b2) {
                                            case 0:
                                                RemoteLogger.server.tracef("Server received capability: version %d", Integer.valueOf(slice.get() & 255));
                                                break;
                                            case 3:
                                                this.remoteEndpointName = Buffers.getModifiedUtf8(slice);
                                                RemoteLogger.server.tracef("Server received capability: remote endpoint name \"%s\"", this.remoteEndpointName);
                                                break;
                                            default:
                                                RemoteLogger.server.tracef("Server received unknown capability %02x", Integer.valueOf(b2 & 255));
                                                break;
                                        }
                                    }
                                    sendCapabilities();
                                    allocate.free();
                                    return;
                                case 2:
                                    RemoteLogger.server.tracef("Server received authentication request", new Object[0]);
                                    if (ServerConnectionOpenListener.this.retryCount.decrementAndGet() < 1) {
                                        ServerConnectionOpenListener.this.connection.handleException(new SaslException("Too many authentication failures; connection terminated"), false);
                                        allocate.free();
                                        return;
                                    }
                                    final String modifiedUtf8 = Buffers.getModifiedUtf8(byteBuffer);
                                    final SaslServerFactory saslServerFactory = this.allowedMechanisms.get(modifiedUtf8);
                                    final CallbackHandler callbackHandler = ServerConnectionOpenListener.this.serverAuthenticationProvider.getCallbackHandler(modifiedUtf8);
                                    if (saslServerFactory == null || callbackHandler == null) {
                                        RemoteAuthLogger.authLog.rejectedInvalidMechanism(modifiedUtf8);
                                        Pooled<ByteBuffer> allocate2 = ServerConnectionOpenListener.this.connection.allocate();
                                        ByteBuffer byteBuffer2 = (ByteBuffer) allocate2.getResource();
                                        byteBuffer2.put((byte) 6);
                                        byteBuffer2.flip();
                                        ServerConnectionOpenListener.this.connection.send(allocate2);
                                        allocate.free();
                                        return;
                                    }
                                    final SaslServer saslServer = (SaslServer) AccessController.doPrivileged(new PrivilegedAction<SaslServer>() { // from class: org.jboss.remoting3.remote.ServerConnectionOpenListener.Initial.1
                                        /* JADX WARN: Can't rename method to resolve collision */
                                        @Override // java.security.PrivilegedAction
                                        public SaslServer run() {
                                            try {
                                                return saslServerFactory.createSaslServer(modifiedUtf8, "remote", ServerConnectionOpenListener.this.serverName, Initial.this.propertyMap, callbackHandler);
                                            } catch (SaslException e) {
                                                ServerConnectionOpenListener.this.connection.handleException(e);
                                                return null;
                                            }
                                        }
                                    }, ServerConnectionOpenListener.this.accessControlContext);
                                    if (saslServer == null) {
                                        allocate.free();
                                        return;
                                    }
                                    boolean z = false;
                                    boolean z2 = false;
                                    Pooled<ByteBuffer> allocate3 = ServerConnectionOpenListener.this.connection.allocate();
                                    try {
                                        ByteBuffer byteBuffer3 = (ByteBuffer) allocate3.getResource();
                                        int position = byteBuffer3.position();
                                        try {
                                            byteBuffer3.put((byte) 5);
                                            if (SaslUtils.evaluateResponse(saslServer, byteBuffer3, byteBuffer)) {
                                                RemoteLogger.server.tracef("Server sending authentication complete", new Object[0]);
                                                ServerConnectionOpenListener.this.connectionProviderContext.accept(new ConnectionHandlerFactory() { // from class: org.jboss.remoting3.remote.ServerConnectionOpenListener.Initial.2
                                                    @Override // org.jboss.remoting3.spi.ConnectionHandlerFactory
                                                    public ConnectionHandler createInstance(ConnectionHandlerContext connectionHandlerContext) {
                                                        RemoteConnectionHandler remoteConnectionHandler = new RemoteConnectionHandler(connectionHandlerContext, ServerConnectionOpenListener.this.connection, saslServer.getAuthorizationID(), Initial.this.remoteEndpointName);
                                                        ServerConnectionOpenListener.this.connection.setReadListener(new RemoteReadListener(remoteConnectionHandler, ServerConnectionOpenListener.this.connection));
                                                        return remoteConnectionHandler;
                                                    }
                                                });
                                            } else {
                                                RemoteLogger.server.tracef("Server sending authentication challenge", new Object[0]);
                                                byteBuffer3.put(position, (byte) 3);
                                                ServerConnectionOpenListener.this.connection.setReadListener(new Authentication(saslServer, this.remoteEndpointName));
                                            }
                                        } catch (Exception e) {
                                            RemoteLogger.server.tracef("Server sending authentication rejected (%s)", e);
                                            byteBuffer3.put(position, (byte) 6);
                                            if (ServerConnectionOpenListener.this.retryCount.decrementAndGet() <= 0) {
                                                z2 = true;
                                            }
                                        }
                                        byteBuffer3.flip();
                                        ServerConnectionOpenListener.this.connection.send(allocate3, z2);
                                        z = true;
                                        if (1 == 0) {
                                            allocate3.free();
                                        }
                                        allocate.free();
                                        return;
                                    } catch (Throwable th) {
                                        if (!z) {
                                            allocate3.free();
                                        }
                                        throw th;
                                    }
                                case 7:
                                    RemoteLogger.server.tracef("Server received STARTTLS request", new Object[0]);
                                    Pooled<ByteBuffer> allocate4 = ServerConnectionOpenListener.this.connection.allocate();
                                    try {
                                        ByteBuffer byteBuffer4 = (ByteBuffer) allocate4.getResource();
                                        byteBuffer4.put(this.starttls ? (byte) 7 : (byte) 8);
                                        byteBuffer4.flip();
                                        ServerConnectionOpenListener.this.connection.send(allocate4);
                                        if (this.starttls) {
                                            try {
                                                ServerConnectionOpenListener.this.connection.getSslChannel().startHandshake();
                                            } catch (IOException e2) {
                                                ServerConnectionOpenListener.this.connection.handleException(e2);
                                            }
                                        }
                                        if (1 == 0) {
                                            allocate4.free();
                                        }
                                        allocate.free();
                                        return;
                                    } catch (Throwable th2) {
                                        if (0 == 0) {
                                            allocate4.free();
                                        }
                                        throw th2;
                                    }
                                default:
                                    RemoteLogger.server.unknownProtocolId(b);
                                    ServerConnectionOpenListener.this.connection.handleException(RemoteLogger.log.invalidMessage(ServerConnectionOpenListener.this.connection));
                                    allocate.free();
                                    return;
                            }
                        } catch (IOException e3) {
                            ServerConnectionOpenListener.this.connection.handleException(e3);
                            allocate.free();
                        }
                    } catch (Throwable th3) {
                        allocate.free();
                        throw th3;
                    }
                } catch (BufferOverflowException e4) {
                    ServerConnectionOpenListener.this.connection.handleException(RemoteLogger.log.invalidMessage(ServerConnectionOpenListener.this.connection));
                    allocate.free();
                }
            } catch (BufferUnderflowException e5) {
                ServerConnectionOpenListener.this.connection.handleException(RemoteLogger.log.invalidMessage(ServerConnectionOpenListener.this.connection));
                allocate.free();
            }
        }

        void sendCapabilities() {
            Pooled<ByteBuffer> allocate = ServerConnectionOpenListener.this.connection.allocate();
            boolean z = false;
            try {
                ByteBuffer byteBuffer = (ByteBuffer) allocate.getResource();
                byteBuffer.put((byte) 1);
                ProtocolUtils.writeByte(byteBuffer, 0, this.version);
                String name = ServerConnectionOpenListener.this.connectionProviderContext.getEndpoint().getName();
                if (name != null) {
                    ProtocolUtils.writeString(byteBuffer, (byte) 3, name);
                }
                if (this.starttls) {
                    ProtocolUtils.writeEmpty(byteBuffer, 2);
                }
                Iterator<String> it = this.allowedMechanisms.keySet().iterator();
                while (it.hasNext()) {
                    ProtocolUtils.writeString(byteBuffer, (byte) 1, it.next());
                }
                byteBuffer.flip();
                ServerConnectionOpenListener.this.connection.send(allocate);
                z = true;
                if (1 == 0) {
                    allocate.free();
                }
            } catch (Throwable th) {
                if (!z) {
                    allocate.free();
                }
                throw th;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServerConnectionOpenListener(RemoteConnection remoteConnection, ConnectionProviderContext connectionProviderContext, ServerAuthenticationProvider serverAuthenticationProvider, OptionMap optionMap, AccessControlContext accessControlContext) {
        this.connection = remoteConnection;
        this.connectionProviderContext = connectionProviderContext;
        this.serverAuthenticationProvider = serverAuthenticationProvider;
        this.optionMap = optionMap;
        this.accessControlContext = accessControlContext;
        this.serverName = ((InetSocketAddress) remoteConnection.getChannel().getLocalAddress(InetSocketAddress.class)).getHostName();
    }

    public void handleEvent(ConnectedMessageChannel connectedMessageChannel) {
        Pooled<ByteBuffer> allocate = this.connection.allocate();
        boolean z = false;
        try {
            try {
                try {
                    ByteBuffer byteBuffer = (ByteBuffer) allocate.getResource();
                    byteBuffer.put((byte) 0);
                    ProtocolUtils.writeString(byteBuffer, (byte) 0, this.serverName);
                    byteBuffer.flip();
                    this.connection.setReadListener(new Initial(this));
                    this.connection.send(allocate);
                    z = true;
                    if (1 == 0) {
                        allocate.free();
                    }
                } catch (BufferOverflowException e) {
                    this.connection.handleException(RemoteLogger.log.invalidMessage(this.connection));
                    if (z) {
                        return;
                    }
                    allocate.free();
                }
            } catch (BufferUnderflowException e2) {
                this.connection.handleException(RemoteLogger.log.invalidMessage(this.connection));
                if (z) {
                    return;
                }
                allocate.free();
            }
        } catch (Throwable th) {
            if (!z) {
                allocate.free();
            }
            throw th;
        }
    }
}
