package com.ibm.wmqfte.bridge.session.ftps;

import com.ibm.wmqfte.bridge.Bridge;
import com.ibm.wmqfte.bridge.BridgeConfigurationException;
import com.ibm.wmqfte.bridge.BridgeConstants;
import com.ibm.wmqfte.bridge.ProtocolServerProperties;
import com.ibm.wmqfte.bridge.ProtocolServerPropertiesImpl;
import com.ibm.wmqfte.bridge.authentication.BridgeCredentialException;
import com.ibm.wmqfte.bridge.endpoint.BridgeEndPointException;
import com.ibm.wmqfte.bridge.protocol.ProtocolException;
import com.ibm.wmqfte.bridge.session.ftp.EventTrace;
import com.ibm.wmqfte.bridge.session.ftp.FTPSession;
import com.ibm.wmqfte.bridge.utils.ConnectionDetails;
import com.ibm.wmqfte.configuration.FTEPropertiesFactory;
import com.ibm.wmqfte.connect.impl.SSLConnectionData;
import com.ibm.wmqfte.exitroutine.api.Credentials;
import com.ibm.wmqfte.ras.NLS;
import com.ibm.wmqfte.ras.RasDescriptor;
import com.ibm.wmqfte.ras.Trace;
import com.ibm.wmqfte.ras.TraceLevel;
import com.ibm.wmqfte.utils.FFDCClassProbe;
import com.ibm.wmqfte.utils.FTEPropConstant;
import java.io.IOException;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.apache.commons.net.ProtocolCommandEvent;
import org.apache.commons.net.ProtocolCommandListener;
import org.apache.commons.net.ftp.FTPClientConfig;
import org.apache.commons.net.ftp.FTPReply;

/* loaded from: input_file:lib/com.ibm.wmqfte.common.jar:com/ibm/wmqfte/bridge/session/ftps/FTPSSession.class */
public class FTPSSession extends FTPSession {
    public static final String $sccsid = "@(#) com.ibm.wmqfte.io/src/com/ibm/wmqfte/bridge/session/ftps/FTPSSession.java,jazz,f750-FP,f750-FP-007-20160602-1009 06/02/2016 10:12:19 AM [06/02/2016 10:12:19 AM]";
    private static final RasDescriptor rd = RasDescriptor.create((Class<?>) FTPSSession.class, BridgeConstants.MESSAGE_BUNDLE);
    private static final boolean FIPS_REQUIRED = FTEPropertiesFactory.getInstance().getPropertyAsBoolean(FTEPropConstant.agentSslFipsRequired);
    private final ProtocolServerProperties serverProperties;

    /* loaded from: input_file:lib/com.ibm.wmqfte.common.jar:com/ibm/wmqfte/bridge/session/ftps/FTPSSession$ReplyCodeChecker.class */
    private static class ReplyCodeChecker implements ProtocolCommandListener {
        private boolean accessDenied;

        private ReplyCodeChecker() {
            this.accessDenied = false;
        }

        public void protocolCommandSent(ProtocolCommandEvent protocolCommandEvent) {
        }

        public void protocolReplyReceived(ProtocolCommandEvent protocolCommandEvent) {
            if (protocolCommandEvent.getReplyCode() == 534) {
                synchronized (this) {
                    this.accessDenied = true;
                }
            }
        }

        public synchronized boolean isAccessDenied() {
            return this.accessDenied;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public FTPSSession(Bridge bridge, ConnectionDetails connectionDetails, Credentials credentials, FTPClientConfig fTPClientConfig, String str) throws BridgeEndPointException, BridgeConfigurationException, BridgeCredentialException {
        super(bridge, connectionDetails, credentials, fTPClientConfig, str);
        if (rd.isFlowOn()) {
            Trace.entry(rd, "<init>", bridge, connectionDetails, credentials, fTPClientConfig, str);
        }
        this.serverProperties = bridge.getServerProps();
        SSLContext sSLContext = null;
        if (SSLConnectionData.isFipsEnabled(FIPS_REQUIRED)) {
            try {
                sSLContext = SSLConnectionData.initializeFips();
                sSLContext.init(bridge.getKeyManager() == null ? null : new KeyManager[]{bridge.getKeyManager()}, bridge.getTrustManager() == null ? null : new TrustManager[]{bridge.getTrustManager()}, null);
            } catch (Exception e) {
                BridgeConfigurationException bridgeConfigurationException = new BridgeConfigurationException(NLS.format(rd, "BFGBR0184_FIPS_SSLCONTEXT_CREATION_FAILED", e.getLocalizedMessage()));
                if (rd.isFlowOn()) {
                    Trace.throwing(rd, "<init>", bridgeConfigurationException);
                }
                throw bridgeConfigurationException;
            }
        }
        try {
            if (sSLContext == null) {
                this.protocolDriver = new FTEFTPSClient("SSL_TLSv2", this.serverProperties.getProtocolServerFTPSType() == ProtocolServerPropertiesImpl.FTPSType.IMPLICIT, this.serverProperties.getProtocolServerFTPSAUTH());
            } else {
                this.protocolDriver = new FTEFTPSClient(this.serverProperties.getProtocolServerFTPSType() == ProtocolServerPropertiesImpl.FTPSType.IMPLICIT, sSLContext, this.serverProperties.getProtocolServerFTPSAUTH());
            }
            String protocolServerFTPSCipherSuiteList = this.serverProperties.getProtocolServerFTPSCipherSuiteList();
            if (protocolServerFTPSCipherSuiteList != null && protocolServerFTPSCipherSuiteList.length() > 0) {
                this.protocolDriver.setEnabledCipherSuites(protocolServerFTPSCipherSuiteList.split(","));
            }
            if (sSLContext == null) {
                this.protocolDriver.setTrustManager(bridge.getTrustManager());
                if (bridge.getKeyManager() != null) {
                    this.protocolDriver.setKeyManager(bridge.getKeyManager());
                }
            }
            if (fTPClientConfig != null) {
                this.protocolDriver.configure(fTPClientConfig);
            }
            this.protocolDriver.setControlEncoding(bridge.getControlEncoding());
            if (rd.isFlowOn()) {
                Trace.exit(rd, "<init>");
            }
        } catch (NoSuchAlgorithmException e2) {
            BridgeConfigurationException bridgeConfigurationException2 = new BridgeConfigurationException(NLS.format(rd, "BFGBR0151_SESSION_CREATION_FAILED", e2.getLocalizedMessage()));
            if (rd.isFlowOn()) {
                Trace.throwing(rd, "<init>", bridgeConfigurationException2);
            }
            throw bridgeConfigurationException2;
        }
    }

    @Override // com.ibm.wmqfte.bridge.session.ftp.FTPSession
    public void connect() throws ProtocolException, BridgeConfigurationException {
        if (rd.isFlowOn()) {
            Trace.entry(rd, this, "connect", new Object[0]);
        }
        this.protocolDriver.addProtocolCommandListener(new EventTrace(this.traceRef));
        ReplyCodeChecker replyCodeChecker = new ReplyCodeChecker();
        this.protocolDriver.addProtocolCommandListener(replyCodeChecker);
        try {
            try {
                try {
                    try {
                        int connectionTimeout = this.serverProperties.getConnectionTimeout() * BridgeConstants.DEFAULT_MAXIMUM_LIST_DIR_LEVELS;
                        if (connectionTimeout >= 0) {
                            if (rd.isOn(TraceLevel.MODERATE)) {
                                Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-CONNECT - setting connect and default timeout to " + connectionTimeout + " milliseconds.");
                            }
                            this.protocolDriver.setDefaultTimeout(connectionTimeout);
                            this.protocolDriver.setConnectTimeout(connectionTimeout);
                        }
                        this.protocolDriver.connect(this.connectionDetails.getHostName(), this.connectionDetails.getPort());
                        if (rd.isOn(TraceLevel.MODERATE)) {
                            Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-CONNECT - successful");
                        }
                        int socketTimeout = this.bridge.getSocketTimeout();
                        if (socketTimeout >= 0) {
                            if (rd.isOn(TraceLevel.MODERATE)) {
                                Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-CONNECT - setting socket timeout on the opened socket to " + (socketTimeout * BridgeConstants.DEFAULT_MAXIMUM_LIST_DIR_LEVELS) + " milliseconds.");
                            }
                            this.protocolDriver.setSoTimeout(socketTimeout * BridgeConstants.DEFAULT_MAXIMUM_LIST_DIR_LEVELS);
                        }
                        this.protocolDriver.enterLocalPassiveMode();
                        boolean z = this.serverProperties.getProtocolServerFTPSType() == ProtocolServerPropertiesImpl.FTPSType.IMPLICIT;
                        boolean isProtocolServerFTPSPROTFirst = this.serverProperties.isProtocolServerFTPSPROTFirst();
                        String str = this.credentials.getUserId().get();
                        String str2 = this.credentials.getPassword().get();
                        if (z) {
                            login(str, str2);
                            this.protocolDriver.execPROT("P");
                        } else {
                            if (!isProtocolServerFTPSPROTFirst) {
                                login(str, str2);
                            }
                            if ("TLS".equalsIgnoreCase(this.protocolDriver.getAuthValue())) {
                                this.protocolDriver.execPBSZ(0L);
                                if (!FTPReply.isPositiveCompletion(this.protocolDriver.getReplyCode())) {
                                    IOException iOException = new IOException(NLS.format(rd, "BFGBR0152_PBSZ_FAILED", Integer.toString(this.protocolDriver.getReplyCode())));
                                    if (rd.isFlowOn()) {
                                        Trace.throwing(rd, "connect", iOException);
                                    }
                                    throw iOException;
                                }
                            } else {
                                long packetBufferSize = this.protocolDriver.getPacketBufferSize();
                                if (packetBufferSize < 1 || packetBufferSize > 4294967296L) {
                                    packetBufferSize = 65536;
                                }
                                this.protocolDriver.execPBSZ(packetBufferSize);
                                if (!FTPReply.isPositiveCompletion(this.protocolDriver.getReplyCode())) {
                                    IOException iOException2 = new IOException(NLS.format(rd, "BFGBR0153_PBSZ_FAILED", Integer.toString(this.protocolDriver.getReplyCode())));
                                    if (rd.isFlowOn()) {
                                        Trace.throwing(rd, "connect", iOException2);
                                    }
                                    throw iOException2;
                                }
                            }
                            this.protocolDriver.execPROT("P");
                            if (isProtocolServerFTPSPROTFirst) {
                                login(str, str2);
                            }
                            if (this.serverProperties.isProtocolServerFTPSCCC()) {
                                int sendCommand = this.protocolDriver.sendCommand("CCC");
                                if (!FTPReply.isPositiveCompletion(sendCommand) && sendCommand != 533) {
                                    IOException iOException3 = new IOException(NLS.format(rd, "BFGBR0154_CCC_FAILED", Integer.toString(this.protocolDriver.getReplyCode())));
                                    if (rd.isFlowOn()) {
                                        Trace.throwing(rd, "connect", iOException3);
                                    }
                                    throw iOException3;
                                }
                            }
                        }
                        int pasv = this.protocolDriver.pasv();
                        if (pasv != 227) {
                            BridgeConfigurationException bridgeConfigurationException = new BridgeConfigurationException(NLS.format(rd, "BFGBR0172_FTPS_PASSIVE_MODE_FAILED", this.bridge.getProtocolServerName(), FFDCClassProbe.ARGUMENT_ANY + pasv));
                            if (rd.isFlowOn()) {
                                Trace.throwing(rd, "connect", bridgeConfigurationException);
                            }
                            throw bridgeConfigurationException;
                        }
                        if (this.homeDirectory == null) {
                            String printWorkingDirectory = this.protocolDriver.printWorkingDirectory();
                            this.homeDirectory = printWorkingDirectory == null ? null : printWorkingDirectory.replaceAll(BridgeConstants.WINDOWS_PATH_SEPARATOR_PATTERN, "/");
                            if (rd.isOn(TraceLevel.MODERATE)) {
                                Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-HOMEDIR - successful [" + this.homeDirectory + "]");
                            }
                        }
                        this.activeConnection = true;
                        this.protocolDriver.removeProtocolCommandListener(replyCodeChecker);
                        if (rd.isFlowOn()) {
                            Trace.exit(rd, this, "connect");
                        }
                    } catch (UnknownHostException e) {
                        if (rd.isOn(TraceLevel.MODERATE)) {
                            Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-CONNECT - failed [UnknownHostException=" + e.getLocalizedMessage() + "]");
                        }
                        ProtocolException protocolException = new ProtocolException(NLS.format(rd, "BFGBR0149_UNKNOWN_HOST", this.connectionDetails.getHostName(), e.getLocalizedMessage()), e);
                        if (rd.isFlowOn()) {
                            Trace.throwing(rd, "connect", protocolException);
                        }
                        throw protocolException;
                    }
                } catch (SocketException e2) {
                    if (rd.isOn(TraceLevel.MODERATE)) {
                        Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-CONNECT - failed [SocketException=" + e2.getLocalizedMessage() + "]");
                    }
                    ProtocolException protocolException2 = new ProtocolException(NLS.format(rd, "BFGBR0148_CONNECT", this.connectionDetails.getHostName(), FFDCClassProbe.ARGUMENT_ANY + this.connectionDetails.getPort(), e2.getLocalizedMessage()));
                    if (rd.isFlowOn()) {
                        Trace.throwing(rd, "connect", protocolException2);
                    }
                    throw protocolException2;
                }
            } catch (IOException e3) {
                if (rd.isOn(TraceLevel.MODERATE)) {
                    Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-CONNECT - failed [IOException=" + e3.getLocalizedMessage() + "]");
                }
                if (replyCodeChecker.isAccessDenied()) {
                    BridgeConfigurationException bridgeConfigurationException2 = new BridgeConfigurationException(NLS.format(rd, "BFGBR0173_CONNECT", this.connectionDetails.getHostName(), FFDCClassProbe.ARGUMENT_ANY + this.connectionDetails.getPort(), e3.getLocalizedMessage()));
                    if (rd.isFlowOn()) {
                        Trace.throwing(rd, "connect", bridgeConfigurationException2);
                    }
                    throw bridgeConfigurationException2;
                }
                ProtocolException protocolException3 = new ProtocolException(NLS.format(rd, "BFGBR0150_PROTOCOL_IO", e3.getLocalizedMessage()));
                if (rd.isFlowOn()) {
                    Trace.throwing(rd, "connect", protocolException3);
                }
                throw protocolException3;
            } catch (IllegalArgumentException e4) {
                if (rd.isOn(TraceLevel.MODERATE)) {
                    Trace.data(rd, TraceLevel.MODERATE, this, "connect", "PB-ADM-CONNECT - failed [IllegalArgumentException=" + e4.getLocalizedMessage() + "]");
                }
                BridgeConfigurationException bridgeConfigurationException3 = new BridgeConfigurationException(NLS.format(rd, "BFGBR0173_CONNECT", this.connectionDetails.getHostName(), FFDCClassProbe.ARGUMENT_ANY + this.connectionDetails.getPort(), e4.getLocalizedMessage()));
                if (rd.isFlowOn()) {
                    Trace.throwing(rd, "connect", bridgeConfigurationException3);
                }
                throw bridgeConfigurationException3;
            }
        } catch (Throwable th) {
            this.protocolDriver.removeProtocolCommandListener(replyCodeChecker);
            throw th;
        }
    }

    private void login(String str, String str2) throws BridgeConfigurationException, IOException {
        if (rd.isFlowOn()) {
            Trace.entry(rd, this, "login", str, str2);
        }
        if (!this.protocolDriver.login(str, str2)) {
            BridgeConfigurationException bridgeConfigurationException = new BridgeConfigurationException(NLS.format(rd, "BFGBR0147_AUTHENTICATION_UP", this.credentials.getUserId().get()));
            if (rd.isFlowOn()) {
                Trace.throwing(rd, "connect", bridgeConfigurationException);
            }
            throw bridgeConfigurationException;
        }
        if (rd.isOn(TraceLevel.MODERATE)) {
            Trace.data(rd, TraceLevel.MODERATE, this, "login", "PB-ADM-AUTHORISE - successful");
        }
        if (rd.isFlowOn()) {
            Trace.exit(rd, this, "login");
        }
    }

    @Override // com.ibm.wmqfte.bridge.session.ftp.FTPSession, com.ibm.wmqfte.bridge.session.BridgeSession
    public String getSessionProtocol() {
        return "FTPS";
    }
}
