package org.opends.server.protocols.jmx;

import java.io.IOException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.RMIClientSocketFactory;
import java.util.HashMap;
import javax.management.MBeanServer;
import javax.management.ObjectName;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXServiceURL;
import javax.management.remote.rmi.RMIConnectorServer;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import org.opends.server.api.KeyManagerProvider;
import org.opends.server.config.JMXMBean;
import org.opends.server.core.DirectoryServer;
import org.opends.server.extensions.NullKeyManagerProvider;
import org.opends.server.loggers.debug.DebugLogger;
import org.opends.server.loggers.debug.DebugTracer;
import org.opends.server.tools.ToolConstants;
import org.opends.server.types.DebugLogLevel;
import org.opends.server.util.SelectableCertificateKeyManager;

/* loaded from: input_file:org/opends/server/protocols/jmx/RmiConnector.class */
public class RmiConnector {
    private static final DebugTracer TRACER = DebugLogger.getTracer();
    private MBeanServer mbs;
    private JmxConnectionHandler jmxConnectionHandler;
    private String jmxRmiConnectorNoClientCertificateName;
    protected JMXConnectorServer jmxRmiConnectorNoClientCertificate;
    private JMXConnectorServer jmxRmiConnectorClientCertificate;
    private RmiAuthenticator rmiAuthenticator;
    private OpendsRmiServerSocketFactory rmiSsf;
    private String rmiVersion;
    private String registryClientAddress = "0.0.0.0";
    private Registry registry = null;

    public RmiConnector(MBeanServer mBeanServer, JmxConnectionHandler jmxConnectionHandler) {
        this.mbs = null;
        this.mbs = mBeanServer;
        this.jmxConnectionHandler = jmxConnectionHandler;
        this.jmxRmiConnectorNoClientCertificateName = JMXMBean.getJmxName(jmxConnectionHandler.getComponentEntryDN()) + ",Type=jmxRmiConnectorNoClientCertificateName";
    }

    public void initialize() {
        try {
            startCommonRegistry();
            startConnectorNoClientCertificate();
            if (DebugLogger.debugEnabled()) {
                TRACER.debugVerbose("RMI module started");
            }
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            throw new RuntimeException("Error while starting the RMI module : " + e.getMessage());
        }
    }

    private void startCommonRegistry() throws Exception {
        int listenPort = this.jmxConnectionHandler.getListenPort();
        if (DebugLogger.debugEnabled()) {
            TRACER.debugVerbose("start or reach an RMI registry on port %d", Integer.valueOf(listenPort));
        }
        try {
            if (this.registry == null) {
                this.rmiSsf = new OpendsRmiServerSocketFactory();
                this.registry = LocateRegistry.createRegistry(listenPort, (RMIClientSocketFactory) null, this.rmiSsf);
            }
        } catch (RemoteException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugWarning("cannot create the RMI registry -> already done ?");
            }
            try {
                Registry registry = LocateRegistry.getRegistry(listenPort);
                registry.list();
                this.registry = registry;
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugWarning("RMI was registry already started");
                }
            } catch (Exception e2) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugError("exception thrown while pinging the RMI registry");
                    TRACER.debugCaught(DebugLogLevel.ERROR, e);
                }
                throw e;
            }
        }
    }

    private void startConnectorNoClientCertificate() throws Exception {
        KeyManager[] keyManagers;
        try {
            HashMap hashMap = new HashMap();
            DirectoryRMIClientSocketFactory directoryRMIClientSocketFactory = null;
            DirectoryRMIServerSocketFactory directoryRMIServerSocketFactory = null;
            if (this.jmxConnectionHandler.isUseSSL()) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugVerbose("SSL connection");
                }
                KeyManagerProvider keyManagerProvider = DirectoryServer.getKeyManagerProvider(this.jmxConnectionHandler.getKeyManagerProviderDN());
                if (keyManagerProvider == null) {
                    keyManagers = new NullKeyManagerProvider().getKeyManagers();
                } else {
                    String sSLServerCertNickname = this.jmxConnectionHandler.getSSLServerCertNickname();
                    keyManagers = sSLServerCertNickname == null ? keyManagerProvider.getKeyManagers() : SelectableCertificateKeyManager.wrap(keyManagerProvider.getKeyManagers(), sSLServerCertNickname);
                }
                SSLContext sSLContext = SSLContext.getInstance("TLSv1");
                sSLContext.init(keyManagers, null, null);
                directoryRMIServerSocketFactory = new DirectoryRMIServerSocketFactory(sSLContext.getSocketFactory(), false);
                hashMap.put("jmx.remote.rmi.server.socket.factory", directoryRMIServerSocketFactory);
                directoryRMIClientSocketFactory = new DirectoryRMIClientSocketFactory(false);
                hashMap.put("jmx.remote.rmi.client.socket.factory", directoryRMIClientSocketFactory);
            } else if (DebugLogger.debugEnabled()) {
                TRACER.debugVerbose("UNSECURE CONNECTION");
            }
            if (DebugLogger.debugEnabled()) {
                TRACER.debugVerbose("Add RmiAuthenticator into JMX map");
            }
            this.rmiAuthenticator = new RmiAuthenticator(this.jmxConnectionHandler);
            hashMap.put("jmx.remote.authenticator", this.rmiAuthenticator);
            JMXServiceURL jMXServiceURL = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://" + this.registryClientAddress + ToolConstants.LIST_TABLE_SEPARATOR + this.jmxConnectionHandler.getListenPort() + "/org.opends.server.protocols.jmx.client-unknown");
            if (DebugLogger.debugEnabled()) {
                TRACER.debugVerbose("Create and start the JMX RMI connector");
            }
            OpendsRMIJRMPServerImpl opendsRMIJRMPServerImpl = new OpendsRMIJRMPServerImpl(0, directoryRMIClientSocketFactory, directoryRMIServerSocketFactory, hashMap);
            this.jmxRmiConnectorNoClientCertificate = new RMIConnectorServer(jMXServiceURL, hashMap, opendsRMIJRMPServerImpl, this.mbs);
            this.jmxRmiConnectorNoClientCertificate.start();
            this.mbs.registerMBean(this.jmxRmiConnectorNoClientCertificate, new ObjectName(this.jmxRmiConnectorNoClientCertificateName));
            this.rmiVersion = opendsRMIJRMPServerImpl.getVersion();
            if (DebugLogger.debugEnabled()) {
                TRACER.debugVerbose("JMX RMI connector Started");
            }
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            throw e;
        }
    }

    public void finalizeConnectionHandler(boolean z) {
        try {
            if (this.jmxRmiConnectorNoClientCertificate != null) {
                this.jmxRmiConnectorNoClientCertificate.stop();
            }
            if (this.jmxRmiConnectorClientCertificate != null) {
                this.jmxRmiConnectorClientCertificate.stop();
            }
        } catch (Exception e) {
            TRACER.debugCaught(DebugLogLevel.ERROR, e);
        }
        this.jmxRmiConnectorNoClientCertificate = null;
        this.jmxRmiConnectorClientCertificate = null;
        try {
            ObjectName objectName = new ObjectName(this.jmxRmiConnectorNoClientCertificateName);
            if (this.mbs.isRegistered(objectName)) {
                this.mbs.unregisterMBean(objectName);
            }
            if (this.jmxRmiConnectorNoClientCertificate != null) {
                this.jmxRmiConnectorNoClientCertificate.stop();
            }
        } catch (Exception e2) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e2);
            }
        }
        if (z) {
            try {
                if (this.rmiSsf != null) {
                    this.rmiSsf.close();
                }
            } catch (IOException e3) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e3);
                }
            }
            this.registry = null;
        }
    }

    public String getProtocolVersion() {
        return this.rmiVersion;
    }
}
