package sun.management.jmxremote;

import com.sun.jmx.remote.internal.RMIExporter;
import com.sun.jmx.remote.security.JMXPluggableAuthenticator;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.lang.management.ManagementFactory;
import java.net.MalformedURLException;
import java.rmi.NoSuchObjectException;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
import java.rmi.server.UnicastRemoteObject;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.StringTokenizer;
import javax.management.MBeanServer;
import javax.management.remote.JMXAuthenticator;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXConnectorServerFactory;
import javax.management.remote.JMXServiceURL;
import javax.management.remote.rmi.RMIConnectorServer;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;
import javax.security.auth.Subject;
import sun.management.Agent;
import sun.management.AgentConfigurationError;
import sun.management.FileSystem;
import sun.management.snmp.util.MibLogger;
import sun.rmi.server.UnicastServerRef;
import sun.rmi.server.UnicastServerRef2;

/* loaded from: input_file:sun/management/jmxremote/ConnectorBootstrap.class */
public final class ConnectorBootstrap {
    private static final MibLogger log = new MibLogger(ConnectorBootstrap.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:sun/management/jmxremote/ConnectorBootstrap$AccessFileCheckerAuthenticator.class */
    public static class AccessFileCheckerAuthenticator implements JMXAuthenticator {
        private final Map environment;
        private final Properties properties;
        private final String accessFile;

        public AccessFileCheckerAuthenticator(Map map) throws IOException {
            this.environment = map;
            this.accessFile = (String) map.get("jmx.remote.x.access.file");
            this.properties = propertiesFromFile(this.accessFile);
        }

        @Override // javax.management.remote.JMXAuthenticator
        public Subject authenticate(Object obj) {
            Subject authenticate = new JMXPluggableAuthenticator(this.environment).authenticate(obj);
            checkAccessFileEntries(authenticate);
            return authenticate;
        }

        private void checkAccessFileEntries(Subject subject) {
            if (subject == null) {
                throw new SecurityException("Access denied! No matching entries found in the access file [" + this.accessFile + "] as the authenticated Subject is null");
            }
            Set<Principal> principals = subject.getPrincipals();
            Iterator<Principal> it = principals.iterator();
            while (it.hasNext()) {
                if (this.properties.containsKey(it.next().getName())) {
                    return;
                }
            }
            HashSet hashSet = new HashSet();
            Iterator<Principal> it2 = principals.iterator();
            while (it2.hasNext()) {
                hashSet.add(it2.next().getName());
            }
            throw new SecurityException("Access denied! No entries found in the access file [" + this.accessFile + "] for any of the authenticated identities " + hashSet);
        }

        private static Properties propertiesFromFile(String str) throws IOException {
            Properties properties = new Properties();
            if (str == null) {
                return properties;
            }
            FileInputStream fileInputStream = new FileInputStream(str);
            properties.load(fileInputStream);
            fileInputStream.close();
            return properties;
        }
    }

    /* loaded from: input_file:sun/management/jmxremote/ConnectorBootstrap$DefaultValues.class */
    public interface DefaultValues {
        public static final String PORT = "0";
        public static final String CONFIG_FILE_NAME = "management.properties";
        public static final String USE_SSL = "true";
        public static final String USE_AUTHENTICATION = "true";
        public static final String PASSWORD_FILE_NAME = "jmxremote.password";
        public static final String ACCESS_FILE_NAME = "jmxremote.access";
        public static final String SSL_NEED_CLIENT_AUTH = "false";
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:sun/management/jmxremote/ConnectorBootstrap$PermanentExporter.class */
    public static class PermanentExporter implements RMIExporter {
        Remote firstExported;

        private PermanentExporter() {
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r0v11, types: [sun.rmi.server.UnicastServerRef] */
        @Override // com.sun.jmx.remote.internal.RMIExporter
        public Remote exportObject(Remote remote, int i, RMIClientSocketFactory rMIClientSocketFactory, RMIServerSocketFactory rMIServerSocketFactory) throws RemoteException {
            synchronized (this) {
                if (this.firstExported == null) {
                    this.firstExported = remote;
                }
            }
            return ((rMIClientSocketFactory == null && rMIServerSocketFactory == null) ? new UnicastServerRef(i) : new UnicastServerRef2(i, rMIClientSocketFactory, rMIServerSocketFactory)).exportObject(remote, null, true);
        }

        @Override // com.sun.jmx.remote.internal.RMIExporter
        public boolean unexportObject(Remote remote, boolean z) throws NoSuchObjectException {
            return UnicastRemoteObject.unexportObject(remote, z);
        }
    }

    /* loaded from: input_file:sun/management/jmxremote/ConnectorBootstrap$PropertyNames.class */
    public interface PropertyNames {
        public static final String PORT = "com.sun.management.jmxremote.port";
        public static final String CONFIG_FILE_NAME = "com.sun.management.config.file";
        public static final String USE_SSL = "com.sun.management.jmxremote.ssl";
        public static final String USE_AUTHENTICATION = "com.sun.management.jmxremote.authenticate";
        public static final String PASSWORD_FILE_NAME = "com.sun.management.jmxremote.password.file";
        public static final String ACCESS_FILE_NAME = "com.sun.management.jmxremote.access.file";
        public static final String LOGIN_CONFIG_NAME = "com.sun.management.jmxremote.login.config";
        public static final String SSL_ENABLED_CIPHER_SUITES = "com.sun.management.jmxremote.ssl.enabled.cipher.suites";
        public static final String SSL_ENABLED_PROTOCOLS = "com.sun.management.jmxremote.ssl.enabled.protocols";
        public static final String SSL_NEED_CLIENT_AUTH = "com.sun.management.jmxremote.ssl.need.client.auth";
    }

    public static synchronized JMXConnectorServer initialize() {
        Properties loadManagementProperties = Agent.loadManagementProperties();
        if (loadManagementProperties == null) {
            return null;
        }
        return initialize(loadManagementProperties.getProperty(PropertyNames.PORT), loadManagementProperties);
    }

    public static synchronized JMXConnectorServer initialize(String str, Properties properties) {
        try {
            int parseInt = Integer.parseInt(str);
            if (parseInt < 0) {
                throw new AgentConfigurationError(AgentConfigurationError.INVALID_JMXREMOTE_PORT, str);
            }
            boolean booleanValue = Boolean.valueOf(properties.getProperty(PropertyNames.USE_AUTHENTICATION, "true")).booleanValue();
            boolean booleanValue2 = Boolean.valueOf(properties.getProperty(PropertyNames.USE_SSL, "true")).booleanValue();
            String property = properties.getProperty(PropertyNames.SSL_ENABLED_CIPHER_SUITES);
            String[] strArr = null;
            if (property != null) {
                StringTokenizer stringTokenizer = new StringTokenizer(property, ",");
                int countTokens = stringTokenizer.countTokens();
                strArr = new String[countTokens];
                for (int i = 0; i < countTokens; i++) {
                    strArr[i] = stringTokenizer.nextToken();
                }
            }
            String property2 = properties.getProperty(PropertyNames.SSL_ENABLED_PROTOCOLS);
            String[] strArr2 = null;
            if (property2 != null) {
                StringTokenizer stringTokenizer2 = new StringTokenizer(property2, ",");
                int countTokens2 = stringTokenizer2.countTokens();
                strArr2 = new String[countTokens2];
                for (int i2 = 0; i2 < countTokens2; i2++) {
                    strArr2[i2] = stringTokenizer2.nextToken();
                }
            }
            boolean booleanValue3 = Boolean.valueOf(properties.getProperty(PropertyNames.SSL_NEED_CLIENT_AUTH, "false")).booleanValue();
            String str2 = null;
            String str3 = null;
            String str4 = null;
            if (booleanValue) {
                str2 = properties.getProperty(PropertyNames.LOGIN_CONFIG_NAME);
                if (str2 == null) {
                    str3 = properties.getProperty(PropertyNames.PASSWORD_FILE_NAME, getDefaultFileName(DefaultValues.PASSWORD_FILE_NAME));
                    checkPasswordFile(str3);
                }
                str4 = properties.getProperty(PropertyNames.ACCESS_FILE_NAME, getDefaultFileName(DefaultValues.ACCESS_FILE_NAME));
                checkAccessFile(str4);
            }
            if (log.isDebugOn()) {
                log.debug("initialize", Agent.getText("jmxremote.ConnectorBootstrap.initialize") + "\n\t" + PropertyNames.PORT + "=" + parseInt + "\n\t" + PropertyNames.USE_SSL + "=" + booleanValue2 + "\n\t" + PropertyNames.SSL_ENABLED_CIPHER_SUITES + "=" + property + "\n\t" + PropertyNames.SSL_ENABLED_PROTOCOLS + "=" + property2 + "\n\t" + PropertyNames.SSL_NEED_CLIENT_AUTH + "=" + booleanValue3 + "\n\t" + PropertyNames.USE_AUTHENTICATION + "=" + booleanValue + (booleanValue ? str2 == null ? "\n\tcom.sun.management.jmxremote.password.file=" + str3 : "\n\tcom.sun.management.jmxremote.login.config=" + str2 : "\n\t" + Agent.getText("jmxremote.ConnectorBootstrap.initialize.noAuthentication")) + (booleanValue ? "\n\tcom.sun.management.jmxremote.access.file=" + str4 : "") + "");
            }
            try {
                JMXConnectorServer exportMBeanServer = exportMBeanServer(ManagementFactory.getPlatformMBeanServer(), parseInt, booleanValue2, strArr, strArr2, booleanValue3, booleanValue, str2, str3, str4);
                JMXServiceURL address = exportMBeanServer.getAddress();
                log.config("initialize", Agent.getText("jmxremote.ConnectorBootstrap.initialize.ready", new JMXServiceURL(address.getProtocol(), address.getHost(), address.getPort(), "/jndi/rmi://" + address.getHost() + ":" + parseInt + "/jmxrmi").toString()));
                return exportMBeanServer;
            } catch (Exception e) {
                throw new AgentConfigurationError(AgentConfigurationError.AGENT_EXCEPTION, e, e.toString());
            }
        } catch (NumberFormatException e2) {
            throw new AgentConfigurationError(AgentConfigurationError.INVALID_JMXREMOTE_PORT, e2, str);
        }
    }

    public static JMXConnectorServer startLocalConnectorServer() {
        System.setProperty("java.rmi.server.randomIDs", "true");
        HashMap hashMap = new HashMap();
        hashMap.put((HashMap) RMIExporter.EXPORTER_ATTRIBUTE, (String) new PermanentExporter());
        try {
            JMXConnectorServer newJMXConnectorServer = JMXConnectorServerFactory.newJMXConnectorServer(new JMXServiceURL("rmi", null, 0), hashMap, ManagementFactory.getPlatformMBeanServer());
            newJMXConnectorServer.start();
            return newJMXConnectorServer;
        } catch (Exception e) {
            throw new AgentConfigurationError(AgentConfigurationError.AGENT_EXCEPTION, e, e.toString());
        }
    }

    private static void checkPasswordFile(String str) {
        if (str == null || str.length() == 0) {
            throw new AgentConfigurationError(AgentConfigurationError.PASSWORD_FILE_NOT_SET);
        }
        File file = new File(str);
        if (!file.exists()) {
            throw new AgentConfigurationError(AgentConfigurationError.PASSWORD_FILE_NOT_FOUND, str);
        }
        if (!file.canRead()) {
            throw new AgentConfigurationError(AgentConfigurationError.PASSWORD_FILE_NOT_READABLE, str);
        }
        FileSystem open = FileSystem.open();
        try {
            if (!open.supportsFileSecurity(file) || open.isAccessUserOnly(file)) {
                return;
            }
            log.config("initialize", Agent.getText("jmxremote.ConnectorBootstrap.initialize.password.readonly", str));
            throw new AgentConfigurationError(AgentConfigurationError.PASSWORD_FILE_ACCESS_NOT_RESTRICTED, str);
        } catch (IOException e) {
            throw new AgentConfigurationError(AgentConfigurationError.PASSWORD_FILE_READ_FAILED, e, str);
        }
    }

    private static void checkAccessFile(String str) {
        if (str == null || str.length() == 0) {
            throw new AgentConfigurationError(AgentConfigurationError.ACCESS_FILE_NOT_SET);
        }
        File file = new File(str);
        if (!file.exists()) {
            throw new AgentConfigurationError(AgentConfigurationError.ACCESS_FILE_NOT_FOUND, str);
        }
        if (!file.canRead()) {
            throw new AgentConfigurationError(AgentConfigurationError.ACCESS_FILE_NOT_READABLE, str);
        }
    }

    private static String getDefaultFileName(String str) {
        String str2 = File.separator;
        return System.getProperty("java.home") + str2 + "lib" + str2 + "management" + str2 + str;
    }

    private static JMXConnectorServer exportMBeanServer(MBeanServer mBeanServer, int i, boolean z, String[] strArr, String[] strArr2, boolean z2, boolean z3, String str, String str2, String str3) throws IOException, MalformedURLException {
        System.setProperty("java.rmi.server.randomIDs", "true");
        JMXServiceURL jMXServiceURL = new JMXServiceURL("rmi", null, 0);
        HashMap hashMap = new HashMap();
        PermanentExporter permanentExporter = new PermanentExporter();
        hashMap.put((HashMap) RMIExporter.EXPORTER_ATTRIBUTE, (String) permanentExporter);
        if (z3) {
            if (str != null) {
                hashMap.put((HashMap) "jmx.remote.x.login.config", str);
            }
            if (str2 != null) {
                hashMap.put((HashMap) "jmx.remote.x.password.file", str2);
            }
            hashMap.put((HashMap) "jmx.remote.x.access.file", str3);
            if (hashMap.get("jmx.remote.x.password.file") != 0 || hashMap.get("jmx.remote.x.login.config") != 0) {
                hashMap.put((HashMap) JMXConnectorServer.AUTHENTICATOR, (String) new AccessFileCheckerAuthenticator(hashMap));
            }
        }
        if (z) {
            SslRMIClientSocketFactory sslRMIClientSocketFactory = new SslRMIClientSocketFactory();
            SslRMIServerSocketFactory sslRMIServerSocketFactory = new SslRMIServerSocketFactory(strArr, strArr2, z2);
            hashMap.put((HashMap) RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, (String) sslRMIClientSocketFactory);
            hashMap.put((HashMap) RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, (String) sslRMIServerSocketFactory);
        }
        JMXConnectorServer jMXConnectorServer = null;
        try {
            jMXConnectorServer = JMXConnectorServerFactory.newJMXConnectorServer(jMXServiceURL, hashMap, mBeanServer);
            jMXConnectorServer.start();
            new SingleEntryRegistry(i, "jmxrmi", permanentExporter.firstExported);
            return jMXConnectorServer;
        } catch (IOException e) {
            if (jMXConnectorServer == null) {
                throw new AgentConfigurationError(AgentConfigurationError.CONNECTOR_SERVER_IO_ERROR, e, jMXServiceURL.toString());
            }
            throw new AgentConfigurationError(AgentConfigurationError.CONNECTOR_SERVER_IO_ERROR, e, jMXConnectorServer.getAddress().toString());
        }
    }

    private ConnectorBootstrap() {
    }
}
