package com.ibm.it.rome.slm.scp.service;

import com.ibm.it.rome.common.trace.TraceHandler;
import com.ibm.it.rome.slm.access.ItlmLogManager;
import com.ibm.it.rome.slm.admin.bl.Server;
import com.ibm.it.rome.slm.admin.blservices.RuntimeServerAuthentication;
import com.ibm.it.rome.slm.admin.event.TimeSynchronizationError;
import com.ibm.it.rome.slm.runtime.service.CheckAgent;
import com.ibm.it.rome.slm.scp.CommunicationSkeleton;
import com.ibm.it.rome.slm.scp.SCPerror;
import com.ibm.it.rome.slm.scp.ScpClientCertificateInfo;
import com.ibm.it.rome.slm.scp.ScpPropertyValues;
import com.ibm.it.rome.slm.scp.ScpProtocolNames;
import com.ibm.it.rome.slm.scp.ScpRequest;
import com.ibm.it.rome.slm.scp.ScpResponse;
import com.ibm.it.rome.slm.scp.ServiceNames;
import com.ibm.it.rome.slm.scp.client.ClientConfiguration;
import com.ibm.it.rome.slm.scp.util.SlmContentStreamFactory;
import com.ibm.it.rome.slm.system.ReturnCodes;
import com.ibm.it.rome.slm.system.SecurityLevel;
import com.ibm.it.rome.slm.system.SlmException;
import com.ibm.it.rome.slm.system.SlmPropertyNames;
import com.ibm.it.rome.slm.system.SlmSystem;
import com.ibm.it.rome.slm.system.Version;
import com.ibm.it.rome.slm.util.TimeManager;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;

/* loaded from: input_file:install/data/ITAMROOT0/4.2.0.0/assembly.dat:com/ibm/it/rome/slm/scp/service/ServiceSkeleton.class */
public abstract class ServiceSkeleton extends CommunicationSkeleton implements SlmService {
    static final String COPYRIGHT = "(C) Copyright IBM Corporation 2001-2005. All rights reserved.";
    protected ScpRequest scpRequest;
    protected ScpResponse scpResponse;
    private SlmContentStreamFactory streamManager;
    private long remoteTimestamp;
    private long localTimestamp;
    private long timeOffset;
    private long receivedRuntimeID;
    private String runtimeName;
    private String organizationName;
    private String runtimePassword;
    private String serviceId;
    private Server authenticatedRuntime;
    private long agentID;
    private String customerName;
    private long mailMinNotificationPeriod;
    private long lastMailTimestamp;
    protected boolean traceHostData;
    protected boolean traceUserData;
    protected boolean traceGroupData;

    /* JADX INFO: Access modifiers changed from: protected */
    public ServiceSkeleton(String str) {
        this.streamManager = SlmContentStreamFactory.getInstance();
        this.remoteTimestamp = 0L;
        this.localTimestamp = 0L;
        this.timeOffset = 0L;
        this.receivedRuntimeID = 0L;
        this.runtimeName = null;
        this.organizationName = null;
        this.runtimePassword = null;
        this.serviceId = null;
        this.authenticatedRuntime = null;
        this.agentID = 0L;
        this.customerName = null;
        this.mailMinNotificationPeriod = Long.parseLong(SlmSystem.getInstance().getProperty(SlmPropertyNames.MAIL_MIN_NOTIFICATION_PERIOD)) * 60000;
        this.lastMailTimestamp = 0L;
        this.traceHostData = true;
        this.traceUserData = true;
        this.traceGroupData = true;
        this.trace.trace("ServiceSkeleton.init() - Initializing service {0}", new Object[]{str});
        this.serviceId = str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ServiceSkeleton(String str, boolean z, boolean z2, boolean z3) {
        this.streamManager = SlmContentStreamFactory.getInstance();
        this.remoteTimestamp = 0L;
        this.localTimestamp = 0L;
        this.timeOffset = 0L;
        this.receivedRuntimeID = 0L;
        this.runtimeName = null;
        this.organizationName = null;
        this.runtimePassword = null;
        this.serviceId = null;
        this.authenticatedRuntime = null;
        this.agentID = 0L;
        this.customerName = null;
        this.mailMinNotificationPeriod = Long.parseLong(SlmSystem.getInstance().getProperty(SlmPropertyNames.MAIL_MIN_NOTIFICATION_PERIOD)) * 60000;
        this.lastMailTimestamp = 0L;
        this.traceHostData = true;
        this.traceUserData = true;
        this.traceGroupData = true;
        this.trace.trace("ServiceSkeleton.init() - Initializing service {0} with tracing level host={1},user={2},group={3}", new Object[]{str, new Boolean(z), new Boolean(z2), new Boolean(z3)});
        this.serviceId = str;
        this.traceHostData = z;
        this.traceUserData = z2;
        this.traceGroupData = z3;
    }

    @Override // com.ibm.it.rome.slm.scp.CommunicationSkeleton
    public Object clone() {
        return super.clone();
    }

    public boolean traceUserDate() {
        return this.traceUserData;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.it.rome.slm.scp.CommunicationSkeleton
    public final String getVersionInUse() {
        if (this.scpRequest != null) {
            return this.scpRequest.getProtocolVersion();
        }
        throw new IllegalStateException("The scp request cannot be null");
    }

    @Override // com.ibm.it.rome.slm.scp.service.SlmService
    public String getServiceId() {
        return this.serviceId;
    }

    public abstract int doProcess();

    @Override // com.ibm.it.rome.slm.scp.service.SlmService
    public String getStatus() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("TLM ");
        if (SlmSystem.getInstance().isRuntime()) {
            stringBuffer.append(ItlmLogManager.RUNTIME_COMPONENT_LABEL);
        } else {
            stringBuffer.append("Administration Server");
        }
        stringBuffer.append(" version ");
        stringBuffer.append("2.3");
        return stringBuffer.toString();
    }

    public String getServerTimestamp() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(" server timestamp=");
        stringBuffer.append(this.localTimestamp);
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void closeResponseContent(int i, int i2, String str) {
        try {
            StringBuffer stringBuffer = new StringBuffer("<response:");
            stringBuffer.append(i);
            stringBuffer.append(",");
            stringBuffer.append(i2);
            if (SlmSystem.getInstance().isRuntime() && Version.compareVersion(this.scpRequest.getProtocolVersion(), "2.2") >= 0 && this.scpRequest.getType().equals(ScpPropertyValues.AGENTTYPE)) {
                stringBuffer.append(",");
                stringBuffer.append(Long.toString(TimeManager.getTime()));
            }
            stringBuffer.append(":");
            stringBuffer.append(str);
            stringBuffer.append(ScpProtocolNames.ENDTTAG);
            sendControlLine(stringBuffer.toString());
            flush();
            this.trace.data("Service skeleton - response content={0}", stringBuffer.toString());
        } catch (Exception e) {
            this.trace.error(e);
        }
    }

    protected void setClientTimestamp(long j) {
        this.remoteTimestamp = j;
    }

    public long getClientTimestamp() {
        return this.remoteTimestamp;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public long getLocalEventTime(String str) {
        try {
            if (this.remoteTimestamp == 0) {
                this.trace.debug("Service Skeleton - getLocalEventTime - Error: Client timestamp is not yet set, returning wrong EventTime value !!!");
                return Long.parseLong(str);
            }
            long parseLong = Long.parseLong(str);
            if (parseLong == 0) {
                return 0L;
            }
            return (Version.compareVersion(this.scpRequest.getProtocolVersion(), "2.1") <= 0 && SlmSystem.getInstance().isRuntime() && this.scpRequest.getType().equals(ScpPropertyValues.AGENTTYPE)) ? parseLong - this.timeOffset : parseLong;
        } catch (NumberFormatException e) {
            this.trace.debug(new StringBuffer().append("Service Skeleton - getLocaleventTime - Error: the given string=").append(str).append(" is not a long").toString());
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public long getReceivedRuntimeID() {
        if (SlmSystem.getInstance().isRuntime()) {
            throw new IllegalStateException("Service Skeleton - getRuntimeId - Error: This is not an Admin Server");
        }
        return this.receivedRuntimeID;
    }

    protected String getRuntimePassword() {
        if (SlmSystem.getInstance().isRuntime()) {
            throw new IllegalStateException("Service Skeleton - getRuntimePassword - Error: This is not an Admin Server");
        }
        return this.runtimePassword;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean fetchCommonParameters(ScpRequest scpRequest) throws IOException {
        String line = getLine();
        if (line == null) {
            this.trace.log("The first common parameters received is NULL. Most likely the body is NULL");
            return false;
        }
        this.remoteTimestamp = Long.parseLong(line);
        this.localTimestamp = TimeManager.getTime();
        this.timeOffset = this.remoteTimestamp - this.localTimestamp;
        this.trace.data(new StringBuffer().append("Time offset (remote time - client time) =").append(Long.toString(this.timeOffset)).toString());
        if (SlmSystem.getInstance().isRuntime()) {
            this.customerName = getLine();
            this.agentID = Long.parseLong(getLine());
            if (this.traceHostData) {
                this.trace.data("Service Skeleton - fetched common parameters remoteTimestamp={0}  customerName={1} agentID={2}", new Object[]{Long.toString(this.remoteTimestamp), this.customerName, Long.toString(this.agentID)});
                return true;
            }
            this.trace.data("Service Skeleton - fetched common parameters remoteTimestamp={0}  organizationName={1} agentID=*** ", new Object[]{Long.toString(this.remoteTimestamp), this.customerName});
            return true;
        }
        if (Version.compareVersion(scpRequest.getProtocolVersion(), "2.2") >= 0) {
            this.organizationName = getLine();
            this.runtimeName = getLine();
            this.runtimePassword = getLine();
            TraceHandler.TraceFeeder traceFeeder = this.trace;
            Object[] objArr = new Object[4];
            objArr[0] = Long.toString(this.remoteTimestamp);
            objArr[1] = this.runtimeName;
            objArr[2] = this.organizationName;
            objArr[3] = new Boolean(this.runtimePassword != null);
            traceFeeder.data("Service Skeleton - fetched common parameters remoteTimestamp={0} runtimeName={1} , orgName={2}, isRuntimePasswordPresent={3}", objArr);
            return true;
        }
        this.receivedRuntimeID = Long.parseLong(getLine());
        this.runtimePassword = getLine();
        TraceHandler.TraceFeeder traceFeeder2 = this.trace;
        Object[] objArr2 = new Object[3];
        objArr2[0] = Long.toString(this.remoteTimestamp);
        objArr2[1] = Long.toString(this.receivedRuntimeID);
        objArr2[2] = new Boolean(this.runtimePassword != null);
        traceFeeder2.data("Service Skeleton - fetched common parameters remoteTimestamp={0} runtimeID={1} isRuntimePasswordPresent={2} ", objArr2);
        if (!scpRequest.getService().equals(ServiceNames.RUNTIMEPLUGIN)) {
            return true;
        }
        this.runtimeName = getLine();
        this.organizationName = getLine();
        this.trace.jdata("fetchCommonParameters", "Service Skeleton - fetched common parameters runtimeName={0}, organizationName={1}", new Object[]{this.runtimeName, this.organizationName});
        return true;
    }

    @Override // com.ibm.it.rome.slm.scp.service.SlmService
    public int doProcess(ScpRequest scpRequest, ScpResponse scpResponse, InputStream inputStream, OutputStream outputStream) {
        InputStream slmServerInputStream = getSlmServerInputStream(scpRequest, inputStream);
        OutputStream slmServerOutputStream = getSlmServerOutputStream(scpRequest, outputStream);
        this.scpRequest = scpRequest;
        this.scpResponse = scpResponse;
        setStreams(slmServerInputStream, slmServerOutputStream);
        if (!isProtocolVersionSupported(scpRequest.getProtocolVersion())) {
            closeResponseContent(5, 0, "Protocol version not supported");
            return 5;
        }
        if (!SlmSystem.getInstance().isRuntime() && scpRequest.getType().equals(ScpPropertyValues.AGENTTYPE)) {
            closeResponseContent(1, 0, "An agent cannot make a request to an Admin !");
            return 1;
        }
        if (SlmSystem.getInstance().isRuntime() && scpRequest.getType().equals(ScpPropertyValues.ADMINTYPE)) {
            sendDummyResponse();
            closeResponseContent(1, 0, "An Admin cannot make a request to a Runtime !");
            return 1;
        }
        try {
            if (!fetchCommonParameters(scpRequest)) {
                closeResponseContent(3, 0, "Malformed POST request - Error in common parameters");
                return 3;
            }
            if (Version.compareVersion(scpRequest.getProtocolVersion(), "2.2") >= 0 && !scpRequest.getType().equals(ScpPropertyValues.TMRTYPE) && !checkValidTimeOffset()) {
                this.trace.jlog("doProcess", new StringBuffer().append("WARNING: time offset (remote time - client time) =").append(Long.toString(this.timeOffset)).append(" exceeds the maximum availble").toString());
                if (!SlmSystem.getInstance().isRuntime() && Math.abs(this.localTimestamp - this.lastMailTimestamp) >= this.mailMinNotificationPeriod) {
                    if (this.runtimeName != null) {
                        this.trace.jtrace("doProcess", new StringBuffer().append("Performing time synchronization error notification for the runtime server: ").append(this.runtimeName).toString());
                    } else {
                        this.trace.jtrace("doProcess", new StringBuffer().append("Performing time synchronization error notification for the runtime server (ID = ").append(this.receivedRuntimeID).append(")").toString());
                    }
                    try {
                        this.log.log(new TimeSynchronizationError(this.customerName, this.receivedRuntimeID, this.runtimeName));
                        this.log.flush();
                        this.lastMailTimestamp = this.localTimestamp;
                    } catch (SlmException e) {
                        this.trace.jlog("doProcess", "ERROR: time synchronization error event logging failed");
                    }
                }
                if (SlmSystem.getInstance().isRuntime() && scpRequest.getType().equals(ScpPropertyValues.AGENTTYPE)) {
                    closeResponseContent(0, 6, SCPerror.getMessage(6));
                    return 6;
                }
            }
            if (SlmSystem.getInstance().isRuntime()) {
                short parseShort = Short.parseShort(SlmSystem.getInstance().getProperty(SlmPropertyNames.AGENT_TO_RUNTIME_SECURITY_LEVEL));
                boolean z = Version.compareVersion(scpRequest.getProtocolVersion(), "2.2") >= 0;
                if (parseShort == 2) {
                    int i = -506;
                    if (scpRequest.getSecurityVal() == 0) {
                        if (z) {
                            i = -600;
                        }
                        this.trace.jdebug("doProcess", "The request is coming from a not secure channel");
                        this.trace.jdebug("doProcess", "Enable the MAX security level on the agent");
                        closeResponseContent(0, i, "Enable the MAX security level on the agent");
                        return 0;
                    }
                    if (scpRequest.getSecurityVal() == 1) {
                        this.trace.jdebug("doProcess", "The request is coming from a secure channel, but without client certificate");
                        this.trace.jdebug("doProcess", "Deploy the client certificate on the agent or turn to required the clientAuth directive on HTTP server");
                        if (z) {
                            i = -601;
                        }
                        closeResponseContent(0, i, "Deploy the client certificate on the agent or turn to required the clientAuth directive on HTTP server");
                        return 0;
                    }
                    ScpClientCertificateInfo clientCertInfo = scpRequest.getClientCertInfo();
                    if (!clientCertInfo.getOrganizationName().equals(this.customerName)) {
                        this.trace.jdebug("doProcess", "The organization nome in the client certificate doesnt match the organization sent by the agent. The agent configuration has been tampered");
                        this.trace.jdebug("doProcess", "Align the agent configuration to the certificate info");
                        if (z) {
                            i = -602;
                        }
                        closeResponseContent(0, i, "Organization certificate mismatch - configuration has been tampered");
                        return 0;
                    }
                    if (clientCertInfo.getAgentId() != this.agentID) {
                        this.trace.jdebug("doProcess", "The agent id in the client certificate doesnt match the id sent by. The agent configuration has been tampered");
                        this.trace.jdebug("doProcess", "Align the agent configuration to the certificate info");
                        if (z) {
                            i = -603;
                        }
                        closeResponseContent(0, i, "Agent id certificate mismatch - configuration has been tampered");
                        return 0;
                    }
                }
                if (!ClientConfiguration.getInstance().getRuntimeCustomerName().equals(this.customerName)) {
                    int i2 = -1;
                    this.trace.debug("The organization name is wrong");
                    this.trace.debug("Error in verifying the agent organization name");
                    if (z) {
                        i2 = -604;
                    }
                    closeResponseContent(0, i2, "The organization name is wrong");
                    return 0;
                }
                CheckAgent checkAgent = new CheckAgent(getAgentID(), this.serviceId);
                if (!checkAgent.execute()) {
                    this.trace.debug("The service has been requested from an unknown agent");
                    this.trace.debug("Error in verifying the agent id");
                    closeResponseContent(0, checkAgent.getReturnCode(), "Error in verifying the agent id");
                    return 0;
                }
            } else {
                RuntimeServerAuthentication runtimeServerAuthentication = new RuntimeServerAuthentication();
                if (SlmSystem.getInstance().getProperty(SlmPropertyNames.RUNTIME_TO_ADMIN_SECURITY_LEVEL).equalsIgnoreCase(SecurityLevel.RUNTIME_TO_ADMIN_MIN)) {
                    if (Version.compareVersion(scpRequest.getProtocolVersion(), "2.2") >= 0) {
                        if (!runtimeServerAuthentication.authenticate(this.organizationName, this.runtimeName)) {
                            this.trace.jdebug("doProcess", "The service has been requested from an unknown runtime server");
                            this.trace.jdebug("doProcess", "Check the runtime name and the organization name");
                            sendDummyResponse();
                            closeResponseContent(0, ReturnCodes.UNKNOWN_SERVER, "Check the runtime name and the organization name");
                            return 0;
                        }
                        this.authenticatedRuntime = runtimeServerAuthentication.getRuntimeServer();
                    } else if (this.scpRequest.getService().equals(ServiceNames.RUNTIMEPLUGIN)) {
                        if (!runtimeServerAuthentication.authenticate(this.organizationName, this.runtimeName)) {
                            this.trace.jdebug("doProcess", "The service has been requested from an unknown runtime server");
                            this.trace.jdebug("doProcess", "Check the runtime name and the organization name");
                            sendDummyResponse();
                            closeResponseContent(0, ReturnCodes.UNKNOWN_SERVER, "Check the runtime name and the organization name");
                            return 0;
                        }
                        this.authenticatedRuntime = runtimeServerAuthentication.getRuntimeServer();
                    } else {
                        if (!runtimeServerAuthentication.authenticate(this.receivedRuntimeID)) {
                            this.trace.jdebug("doProcess", "The service has been requested from an unknown runtime server");
                            this.trace.jdebug("doProcess", "Check the runtime id");
                            sendDummyResponse();
                            closeResponseContent(0, ReturnCodes.UNKNOWN_SERVER, "Check the runtime id");
                            return 0;
                        }
                        this.authenticatedRuntime = runtimeServerAuthentication.getRuntimeServer();
                    }
                } else {
                    if (scpRequest.getSecurityVal() != 1) {
                        this.trace.jdebug("doProcess", "The request is coming from a not secure channel");
                        this.trace.jdebug("doProcess", "Enable the SSL or the MAX security level on the runtime");
                        sendDummyResponse();
                        closeResponseContent(0, ReturnCodes.AUTHENTICATION_FAILED, "Enable the SSL or the MAX security level on the runtime");
                        return 0;
                    }
                    if (Version.compareVersion(scpRequest.getProtocolVersion(), "2.2") >= 0) {
                        if (!runtimeServerAuthentication.authenticate(this.organizationName, this.runtimeName, this.runtimePassword)) {
                            this.trace.jdebug("doProcess", "Wrong runtime credentials");
                            this.trace.jdebug("doProcess", "Check the runtime organization name, the runtime name and the runtime password");
                            sendDummyResponse();
                            closeResponseContent(0, ReturnCodes.AUTHENTICATION_FAILED, "Check the runtime organization name, the runtime name and the runtime password");
                            return 0;
                        }
                        this.authenticatedRuntime = runtimeServerAuthentication.getRuntimeServer();
                    } else if (this.scpRequest.getService().equals(ServiceNames.RUNTIMEPLUGIN)) {
                        if (!runtimeServerAuthentication.authenticate(this.organizationName, this.runtimeName, this.runtimePassword)) {
                            this.trace.jdebug("doProcess", "Wrong runtime credentials");
                            this.trace.jdebug("doProcess", "Check the the runtime organization name, the runtime name and the runtime password");
                            sendDummyResponse();
                            closeResponseContent(0, ReturnCodes.AUTHENTICATION_FAILED, "Check the the runtime organization name, the runtime name and the runtime password");
                            return 0;
                        }
                        this.authenticatedRuntime = runtimeServerAuthentication.getRuntimeServer();
                    } else {
                        if (!runtimeServerAuthentication.authenticate(this.receivedRuntimeID, this.runtimePassword)) {
                            this.trace.jdebug("doProcess", "Wrong runtime credentials");
                            this.trace.jdebug("doProcess", "Check the the runtime id and the runtime password");
                            sendDummyResponse();
                            closeResponseContent(0, ReturnCodes.AUTHENTICATION_FAILED, "Check the runtime id and the runtime password");
                            return 0;
                        }
                        this.authenticatedRuntime = runtimeServerAuthentication.getRuntimeServer();
                    }
                }
            }
            int doProcess = doProcess();
            if (doProcess != 0 && scpResponse != null) {
                scpResponse.setTemporanyMoved(false);
            }
            return doProcess;
        } catch (IOException e2) {
            this.trace.jlog("doProcess", new StringBuffer().append("IOException in ServiceSkeleton:doProcess() ").append(e2.getMessage()).append(" May be Exception in fetchCommonParameters() method").toString());
            return 2;
        } catch (NumberFormatException e3) {
            this.trace.jlog("doProcess", new StringBuffer().append("NumberFormatException in ServiceSkeleton: ").append(e3.getMessage()).append(" Error in parsing the parameter: wrong format").toString());
            closeResponseContent(3, 0, "Malformed POST request - Error in the format of common parameters");
            return 3;
        }
    }

    private boolean isProtocolVersionSupported(String str) {
        return Version.compareVersion(str, "2.3") <= 0 && Version.compareVersion(str, "2.1") >= 0;
    }

    private InputStream getSlmServerInputStream(ScpRequest scpRequest, InputStream inputStream) {
        return this.streamManager.getStreamByContentPolicy(scpRequest.getContentType()).getSlmInputStream(inputStream);
    }

    private OutputStream getSlmServerOutputStream(ScpRequest scpRequest, OutputStream outputStream) {
        return this.streamManager.getStreamByContentPolicy(scpRequest.getContentType()).getSlmOutputStream(outputStream);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public long getAgentID() {
        return this.agentID;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getCustomerName() {
        return this.customerName;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setTemporanyMoved(String str) {
        if (this.scpResponse == null) {
            this.trace.trace("Trying to redirect a request but some internal problem occurred");
            return;
        }
        this.trace.trace("Setting redirection for the service");
        this.scpResponse.setTemporanyMoved(true);
        this.scpResponse.setLocation(str);
    }

    protected boolean checkValidTimeOffset() {
        return Math.abs(this.timeOffset) <= (SlmSystem.getInstance().isRuntime() ? Long.parseLong(SlmSystem.getInstance().getProperty(SlmPropertyNames.RUNTIME_AGENT_MAX_OFFSET)) * 1000 : Long.parseLong(SlmSystem.getInstance().getProperty(SlmPropertyNames.ADMIN_RUNTIME_MAX_OFFSET)) * 1000);
    }

    protected void sendDummyResponse() {
    }

    public Server getAuthenticatedRuntime() {
        return this.authenticatedRuntime;
    }

    public String getRuntimeName() {
        return this.runtimeName;
    }
}
