package org.apache.catalina.mbeans;

import java.io.IOException;
import java.io.Serializable;
import java.lang.management.ManagementFactory;
import java.net.InetAddress;
import java.net.MalformedURLException;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.UnknownHostException;
import java.rmi.AlreadyBoundException;
import java.rmi.RemoteException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.rmi.server.RMIClientSocketFactory;
import java.rmi.server.RMIServerSocketFactory;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Locale;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXServiceURL;
import javax.management.remote.rmi.RMIConnectorServer;
import javax.management.remote.rmi.RMIJRMPServerImpl;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.rmi.ssl.SslRMIServerSocketFactory;
import org.apache.catalina.LifecycleEvent;
import org.apache.catalina.LifecycleListener;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: input_file:org/apache/catalina/mbeans/JmxRemoteLifecycleListener.class */
public class JmxRemoteLifecycleListener implements LifecycleListener {
    private static final Log log = LogFactory.getLog(JmxRemoteLifecycleListener.class);
    protected static final StringManager sm = StringManager.getManager("org.apache.catalina.mbeans");
    protected String rmiBindAddress = null;
    protected int rmiRegistryPortPlatform = -1;
    protected int rmiServerPortPlatform = -1;
    protected boolean rmiRegistrySSL = true;
    protected boolean rmiServerSSL = true;
    protected String[] ciphers = null;
    protected String[] protocols = null;
    protected boolean clientAuth = true;
    protected boolean authenticate = true;
    protected String passwordFile = null;
    protected String loginModuleName = null;
    protected String accessFile = null;
    protected boolean useLocalPorts = false;
    protected JMXConnectorServer csPlatform = null;

    /* loaded from: input_file:org/apache/catalina/mbeans/JmxRemoteLifecycleListener$RmiClientLocalhostSocketFactory.class */
    public static class RmiClientLocalhostSocketFactory implements RMIClientSocketFactory, Serializable {
        private static final long serialVersionUID = 1;
        private static final String FORCED_HOST = "localhost";
        private RMIClientSocketFactory factory;

        public RmiClientLocalhostSocketFactory(RMIClientSocketFactory rMIClientSocketFactory) {
            this.factory = null;
            this.factory = rMIClientSocketFactory;
        }

        public Socket createSocket(String str, int i) throws IOException {
            return this.factory == null ? new Socket(FORCED_HOST, i) : this.factory.createSocket(FORCED_HOST, i);
        }
    }

    /* loaded from: input_file:org/apache/catalina/mbeans/JmxRemoteLifecycleListener$RmiServerBindSocketFactory.class */
    public static class RmiServerBindSocketFactory implements RMIServerSocketFactory {
        private final InetAddress bindAddress;

        public RmiServerBindSocketFactory(String str) {
            InetAddress inetAddress = null;
            try {
                inetAddress = InetAddress.getByName(str);
            } catch (UnknownHostException e) {
                JmxRemoteLifecycleListener.log.error(JmxRemoteLifecycleListener.sm.getString("jmxRemoteLifecycleListener.invalidRmiBindAddress", new Object[]{str}), e);
            }
            this.bindAddress = inetAddress;
        }

        public ServerSocket createServerSocket(int i) throws IOException {
            return new ServerSocket(i, 0, this.bindAddress);
        }
    }

    /* loaded from: input_file:org/apache/catalina/mbeans/JmxRemoteLifecycleListener$SslRmiServerBindSocketFactory.class */
    public static class SslRmiServerBindSocketFactory extends SslRMIServerSocketFactory {
        private static final SSLServerSocketFactory sslServerSocketFactory;
        private static final String[] defaultProtocols;
        private final InetAddress bindAddress;

        public SslRmiServerBindSocketFactory(String[] strArr, String[] strArr2, boolean z, String str) {
            super(strArr, strArr2, z);
            InetAddress inetAddress = null;
            try {
                inetAddress = InetAddress.getByName(str);
            } catch (UnknownHostException e) {
                JmxRemoteLifecycleListener.log.error(JmxRemoteLifecycleListener.sm.getString("jmxRemoteLifecycleListener.invalidRmiBindAddress", new Object[]{str}), e);
            }
            this.bindAddress = inetAddress;
        }

        public ServerSocket createServerSocket(int i) throws IOException {
            SSLServerSocket sSLServerSocket = (SSLServerSocket) sslServerSocketFactory.createServerSocket(i, 0, this.bindAddress);
            if (getEnabledCipherSuites() != null) {
                sSLServerSocket.setEnabledCipherSuites(getEnabledCipherSuites());
            }
            if (getEnabledProtocols() == null) {
                sSLServerSocket.setEnabledProtocols(defaultProtocols);
            } else {
                sSLServerSocket.setEnabledProtocols(getEnabledProtocols());
            }
            sSLServerSocket.setNeedClientAuth(getNeedClientAuth());
            return sSLServerSocket;
        }

        static {
            try {
                SSLContext sSLContext = SSLContext.getDefault();
                sslServerSocketFactory = sSLContext.getServerSocketFactory();
                String[] protocols = sSLContext.getDefaultSSLParameters().getProtocols();
                ArrayList arrayList = new ArrayList(protocols.length);
                for (String str : protocols) {
                    if (!str.toUpperCase(Locale.ENGLISH).contains("SSL")) {
                        arrayList.add(str);
                    }
                }
                defaultProtocols = (String[]) arrayList.toArray(new String[arrayList.size()]);
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException(e);
            }
        }
    }

    public String getRmiBindAddress() {
        return this.rmiBindAddress;
    }

    public void setRmiBindAddress(String str) {
        this.rmiBindAddress = str;
    }

    public int getRmiServerPortPlatform() {
        return this.rmiServerPortPlatform;
    }

    public void setRmiServerPortPlatform(int i) {
        this.rmiServerPortPlatform = i;
    }

    public int getRmiRegistryPortPlatform() {
        return this.rmiRegistryPortPlatform;
    }

    public void setRmiRegistryPortPlatform(int i) {
        this.rmiRegistryPortPlatform = i;
    }

    public boolean getUseLocalPorts() {
        return this.useLocalPorts;
    }

    public void setUseLocalPorts(boolean z) {
        this.useLocalPorts = z;
    }

    private void init() {
        this.rmiRegistrySSL = Boolean.parseBoolean(System.getProperty("com.sun.management.jmxremote.registry.ssl", "false"));
        this.rmiServerSSL = Boolean.parseBoolean(System.getProperty("com.sun.management.jmxremote.ssl", "true"));
        String property = System.getProperty("com.sun.management.jmxremote.ssl.enabled.protocols");
        if (property != null) {
            this.protocols = property.split(",");
        }
        String property2 = System.getProperty("com.sun.management.jmxremote.ssl.enabled.cipher.suites");
        if (property2 != null) {
            this.ciphers = property2.split(",");
        }
        this.clientAuth = Boolean.parseBoolean(System.getProperty("com.sun.management.jmxremote.ssl.need.client.auth", "true"));
        this.authenticate = Boolean.parseBoolean(System.getProperty("com.sun.management.jmxremote.authenticate", "true"));
        this.passwordFile = System.getProperty("com.sun.management.jmxremote.password.file", "jmxremote.password");
        this.accessFile = System.getProperty("com.sun.management.jmxremote.access.file", "jmxremote.access");
        this.loginModuleName = System.getProperty("com.sun.management.jmxremote.login.config");
    }

    public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
        if ("start" != lifecycleEvent.getType()) {
            if ("stop" == lifecycleEvent.getType()) {
                destroyServer("Platform", this.csPlatform);
                return;
            }
            return;
        }
        init();
        System.setProperty("java.rmi.server.randomIDs", "true");
        HashMap<String, Object> hashMap = new HashMap<>();
        SslRMIClientSocketFactory sslRMIClientSocketFactory = null;
        SslRMIServerSocketFactory sslRMIServerSocketFactory = null;
        SslRMIClientSocketFactory sslRMIClientSocketFactory2 = null;
        SslRMIServerSocketFactory sslRMIServerSocketFactory2 = null;
        if (this.rmiRegistrySSL) {
            sslRMIClientSocketFactory = new SslRMIClientSocketFactory();
            sslRMIServerSocketFactory = this.rmiBindAddress == null ? new SslRMIServerSocketFactory(this.ciphers, this.protocols, this.clientAuth) : new SslRmiServerBindSocketFactory(this.ciphers, this.protocols, this.clientAuth, this.rmiBindAddress);
        } else if (this.rmiBindAddress != null) {
            sslRMIServerSocketFactory = new RmiServerBindSocketFactory(this.rmiBindAddress);
        }
        if (this.rmiServerSSL) {
            sslRMIClientSocketFactory2 = new SslRMIClientSocketFactory();
            sslRMIServerSocketFactory2 = this.rmiBindAddress == null ? new SslRMIServerSocketFactory(this.ciphers, this.protocols, this.clientAuth) : new SslRmiServerBindSocketFactory(this.ciphers, this.protocols, this.clientAuth, this.rmiBindAddress);
        } else if (this.rmiBindAddress != null) {
            sslRMIServerSocketFactory2 = new RmiServerBindSocketFactory(this.rmiBindAddress);
        }
        if (this.rmiBindAddress != null) {
            System.setProperty("java.rmi.server.hostname", this.rmiBindAddress);
        }
        if (this.useLocalPorts) {
            sslRMIClientSocketFactory = new RmiClientLocalhostSocketFactory(sslRMIClientSocketFactory);
            sslRMIClientSocketFactory2 = new RmiClientLocalhostSocketFactory(sslRMIClientSocketFactory2);
        }
        if (sslRMIClientSocketFactory2 != null) {
            hashMap.put("jmx.remote.rmi.client.socket.factory", sslRMIClientSocketFactory2);
            hashMap.put("com.sun.jndi.rmi.factory.socket", sslRMIClientSocketFactory);
        }
        if (sslRMIServerSocketFactory2 != null) {
            hashMap.put("jmx.remote.rmi.server.socket.factory", sslRMIServerSocketFactory2);
        }
        if (this.authenticate) {
            hashMap.put("jmx.remote.x.password.file", this.passwordFile);
            hashMap.put("jmx.remote.x.access.file", this.accessFile);
            hashMap.put("jmx.remote.x.login.config", this.loginModuleName);
        }
        this.csPlatform = createServer("Platform", this.rmiBindAddress, this.rmiRegistryPortPlatform, this.rmiServerPortPlatform, hashMap, sslRMIClientSocketFactory, sslRMIServerSocketFactory, sslRMIClientSocketFactory2, sslRMIServerSocketFactory2);
    }

    private JMXConnectorServer createServer(String str, String str2, int i, int i2, HashMap<String, Object> hashMap, RMIClientSocketFactory rMIClientSocketFactory, RMIServerSocketFactory rMIServerSocketFactory, RMIClientSocketFactory rMIClientSocketFactory2, RMIServerSocketFactory rMIServerSocketFactory2) {
        try {
            Registry createRegistry = LocateRegistry.createRegistry(i, rMIClientSocketFactory, rMIServerSocketFactory);
            if (str2 == null) {
                str2 = "localhost";
            }
            String str3 = "service:jmx:rmi://" + str2;
            try {
                JMXServiceURL jMXServiceURL = new JMXServiceURL(str3.toString());
                RMIConnectorServer rMIConnectorServer = null;
                try {
                    RMIJRMPServerImpl rMIJRMPServerImpl = new RMIJRMPServerImpl(this.rmiServerPortPlatform, rMIClientSocketFactory2, rMIServerSocketFactory2, hashMap);
                    rMIConnectorServer = new RMIConnectorServer(jMXServiceURL, hashMap, rMIJRMPServerImpl, ManagementFactory.getPlatformMBeanServer());
                    rMIConnectorServer.start();
                    createRegistry.bind("jmxrmi", rMIJRMPServerImpl);
                    log.info(sm.getString("jmxRemoteLifecycleListener.start", new Object[]{Integer.toString(i), Integer.toString(i2), str}));
                } catch (AlreadyBoundException e) {
                    log.error(sm.getString("jmxRemoteLifecycleListener.createServerFailed", new Object[]{str}), e);
                } catch (IOException e2) {
                    log.error(sm.getString("jmxRemoteLifecycleListener.createServerFailed", new Object[]{str}), e2);
                }
                return rMIConnectorServer;
            } catch (MalformedURLException e3) {
                log.error(sm.getString("jmxRemoteLifecycleListener.invalidURL", new Object[]{str, str3}), e3);
                return null;
            }
        } catch (RemoteException e4) {
            log.error(sm.getString("jmxRemoteLifecycleListener.createRegistryFailed", new Object[]{str, Integer.toString(i)}), e4);
            return null;
        }
    }

    private void destroyServer(String str, JMXConnectorServer jMXConnectorServer) {
        if (jMXConnectorServer != null) {
            try {
                jMXConnectorServer.stop();
            } catch (IOException e) {
                log.error(sm.getString("jmxRemoteLifecycleListener.destroyServerFailed", new Object[]{str}), e);
            }
        }
    }
}
