package com.progress.ubroker.ssl;

import com.progress.common.ehnlog.ExtendedLogStream;
import com.progress.common.ehnlog.IAppLogger;
import com.progress.open4gl.dynamicapi.IPoolProps;
import com.progress.ubroker.client.TcpClientProtocol;
import com.progress.ubroker.ssl.SSLSocketUtilsFull;
import com.progress.ubroker.util.INetworkProtocol;
import com.progress.ubroker.util.IPropConst;
import com.progress.ubroker.util.IubMsgInputStream;
import com.progress.ubroker.util.IubMsgOutputStream;
import com.progress.ubroker.util.NetworkProtocolException;
import com.progress.ubroker.util.SocketConnectionInfoEx;
import java.io.IOException;
import java.io.PrintStream;
import java.net.InetAddress;
import java.net.Socket;
import java.util.Properties;
import java.util.regex.Pattern;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/o4glrt.jar:com/progress/ubroker/ssl/SSLClientProtocol.class
 */
/* loaded from: input_file:lib/progress.jar:com/progress/ubroker/ssl/SSLClientProtocol.class */
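/**
 * Client-side network protocol that wraps the plain TCP socket opened by
 * {@link TcpClientProtocol} in an SSL socket and checks the server certificate's
 * common name against the host that was connected to.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The host check does not run in {@link #openConnection}; it runs each time
 *       {@link #getMsgInputStream(int)} or {@link #getMsgOutputStream(int)} is called.</li>
 *   <li>The host check is skipped when the {@code IPoolProps.SSL_NO_HOST_VERIFY}
 *       protocol property is {@code "1"}, or when the socket utilities report the peer
 *       certificate as the default certificate.</li>
 *   <li>Only the subject common name is compared here; no other certificate field is
 *       consulted by this class.</li>
 * </ul>
 */
public class SSLClientProtocol extends TcpClientProtocol {
    // Helper used for subject-name extraction and default-certificate detection.
    private SSLSocketUtilsFull m_socketUtils;
    // The plain TCP socket underneath the SSL socket; closed explicitly in closeConnection().
    private Socket m_unsecureSocket = null;
    // Host/port of the connected socket; used as the key into SessionCache.
    private String m_host = null;
    private int m_port = 0;
    private SSLParamsFull m_sslParams = null;
    private SSLSocketUtilsFull.SSLInfo m_sslInfo = null;
    // Connection info passed to openConnection(); its host is what verifyHost() resolves.
    private SocketConnectionInfoEx m_connectInfo = null;
    private String m_subjectName = null;
    private String m_poolName = "";

    /**
     * Creates the protocol object, selecting protocol type 5 and the matching entry of
     * {@code INetworkProtocol.m_protocolTypeNames} as its display name.
     */
    public SSLClientProtocol() {
        this.m_protocolType = 5;
        this.m_protocolTypeName = INetworkProtocol.m_protocolTypeNames[5];
        this.m_socketUtils = new SSLSocketUtilsFull();
    }

    /**
     * Opens the connection through the superclass, then replaces the raw socket with an
     * SSL socket layered over it.
     *
     * <p>The server host name is NOT verified here; see {@link #verifyHost()}.
     */
    @Override // com.progress.ubroker.client.TcpClientProtocol, com.progress.ubroker.client.NetworkClientProtocol, com.progress.ubroker.util.INetworkProtocol
    public void openConnection(SocketConnectionInfoEx socketConnectionInfoEx, int i, Properties properties, Object obj, String str) throws Exception, NetworkProtocolException {
        super.openConnection(socketConnectionInfoEx, i, properties, obj, str);
        this.m_connectInfo = socketConnectionInfoEx;
        // Remember the plain socket so it can be closed independently of the SSL wrapper.
        this.m_unsecureSocket = rawSocket();
        this.m_port = this.m_unsecureSocket.getPort();
        this.m_host = this.m_unsecureSocket.getInetAddress().getHostName();
        setRawSocket(getSSLSocket(this.m_unsecureSocket));
    }

    /**
     * Closes the connection through the superclass, releases the cached session entry
     * when session reuse is enabled, and closes the underlying plain socket.
     *
     * <p>The cleanup runs even when the superclass close throws, and tolerates being
     * called before {@link #init} or {@link #openConnection} completed (the SSL
     * parameters or the plain socket may then still be {@code null}).
     */
    @Override // com.progress.ubroker.client.TcpClientProtocol, com.progress.ubroker.client.NetworkClientProtocol, com.progress.ubroker.util.INetworkProtocol
    public void closeConnection(boolean z) throws Exception, NetworkProtocolException {
        try {
            super.closeConnection(z);
        } finally {
            try {
                if (this.m_sslParams != null && this.m_sslParams.isReusingSessions()) {
                    SessionCache.getInstance().release(this.m_host, this.m_port);
                }
            } finally {
                // Always give the plain socket back, even if the session release failed.
                if (this.m_unsecureSocket != null && !this.m_unsecureSocket.isClosed()) {
                    this.m_unsecureSocket.close();
                }
            }
        }
    }

    /**
     * Initialises the superclass and then the SSL parameters from the same properties.
     */
    @Override // com.progress.ubroker.client.TcpClientProtocol, com.progress.ubroker.client.NetworkClientProtocol, com.progress.ubroker.util.INetworkProtocol
    public void init(Properties properties, IAppLogger iAppLogger, int i) throws Exception, NetworkProtocolException {
        super.init(properties, iAppLogger, i);
        initSSLParams(properties);
    }

    /**
     * Returns the superclass input stream after recording the SSL session details and
     * running the host check.
     *
     * @throws NetworkProtocolException when an {@link IOException} occurs (only its
     *         message is carried over) or when the host check fails
     */
    @Override // com.progress.ubroker.client.TcpClientProtocol, com.progress.ubroker.client.NetworkClientProtocol, com.progress.ubroker.util.INetworkProtocol
    public IubMsgInputStream getMsgInputStream(int i) throws Exception {
        try {
            IubMsgInputStream msgInputStream = super.getMsgInputStream(i);
            processSessionInformation();
            return msgInputStream;
        } catch (IOException e) {
            this.m_loggingObj.logStackTrace(8318992936683450153L, new Object[]{Integer.valueOf(i), "(input stream)"}, e);
            throw new NetworkProtocolException(4L, "SSL", e.getMessage());
        }
    }

    /**
     * Returns the superclass output stream after recording the SSL session details and
     * running the host check.
     *
     * @throws NetworkProtocolException when an {@link IOException} occurs (only its
     *         message is carried over) or when the host check fails
     */
    @Override // com.progress.ubroker.client.TcpClientProtocol, com.progress.ubroker.client.NetworkClientProtocol, com.progress.ubroker.util.INetworkProtocol
    public IubMsgOutputStream getMsgOutputStream(int i) throws Exception {
        try {
            IubMsgOutputStream msgOutputStream = super.getMsgOutputStream(i);
            processSessionInformation();
            return msgOutputStream;
        } catch (IOException e) {
            this.m_loggingObj.logStackTrace(8318992936683450153L, new Object[]{Integer.valueOf(i), "(output stream)"}, e);
            throw new NetworkProtocolException(4L, "SSL", e.getMessage());
        }
    }

    /**
     * Wraps the given plain socket in an SSL socket built from the current SSL parameters.
     * When session reuse is enabled, any session held in the parameters for this host is
     * dropped and replaced by the one found in {@code SessionCache} for host and port.
     */
    private Socket getSSLSocket(Socket socket) throws IOException {
        SSLSocketUtilsFull sSLSocketUtilsFull = new SSLSocketUtilsFull();
        if (this.m_sslParams.isReusingSessions()) {
            SSLSocketUtilsFull.SSLInfo sSLInfo = SessionCache.getInstance().get(this.m_host, this.m_port);
            this.m_sslParams.removeSession(this.m_host);
            if (sSLInfo != null) {
                this.m_sslParams.cacheSession(sSLInfo.getVendorSession());
            }
        }
        return sSLSocketUtilsFull.createSSLSocket(socket, this.m_sslParams);
    }

    /**
     * Loads the SSL client parameters for the session pool named in the properties and
     * routes SSL debug output to the protocol's logger.
     *
     * @param properties must contain {@code IPoolProps.SESSION_POOL_NAME}; a missing
     *        entry results in a {@link NullPointerException}
     * @throws NetworkProtocolException when the parameters cannot be loaded
     */
    public void initSSLParams(Properties properties) throws NetworkProtocolException {
        this.m_poolName = properties.get(IPoolProps.SESSION_POOL_NAME).toString();
        PrintStream printStream = new ExtendedLogStream(this.m_loggingObj, this.m_debugLogEntries, this.m_debugLogIndex).getPrintStream();
        try {
            this.m_sslParams = ClientParams.getInstance(this.m_poolName, properties, printStream);
            SessionCache.getInstance().setDebugStream(printStream);
        } catch (InvalidCertificateException e) {
            this.m_loggingObj.logError(8318992936683450152L, new Object[]{"(" + e.getMessage() + ")"});
            throw new NetworkProtocolException(2L, this.m_protocolTypeName, e.getMessage());
        } catch (IOException e2) {
            this.m_loggingObj.logStackTrace("ClientParams Initialization", e2);
            this.m_loggingObj.logError(8318992936683450151L, new Object[]{e2.toString()});
            throw new NetworkProtocolException(2L, this.m_protocolTypeName, e2.getMessage());
        }
    }

    /**
     * Reads the SSL details of the current socket, stores them in the session cache when
     * session reuse is enabled, records the peer subject name and runs the host check.
     */
    private void processSessionInformation() throws IOException, NetworkProtocolException {
        this.m_sslInfo = getSSLInfo();
        // NOTE(review): the session is cached before verifyHost() runs, so a session whose
        // host check fails is still stored. Left in this order because closeConnection()
        // releases the same cache entry and SessionCache's contract is not visible here.
        if (this.m_sslParams.isReusingSessions()) {
            SessionCache.getInstance().put(this.m_host, this.m_port, this.m_sslInfo);
        }
        this.m_subjectName = this.m_socketUtils.getSubjectName(this.m_sslInfo);
        verifyHost();
    }

    /**
     * Compares the common name of the peer certificate subject with the canonical host
     * name of the host given in the connection info.
     *
     * <p>Nothing is checked when host verification is disabled by property or when the
     * peer presents what the socket utilities consider the default certificate.
     *
     * @throws NetworkProtocolException when the names do not match
     */
    protected void verifyHost() throws IOException, NetworkProtocolException {
        if (isHostVerificationDisabled() || this.m_socketUtils.isDefaultCertificate(this.m_sslInfo)) {
            return;
        }
        // NOTE(review): the reference name comes from a DNS lookup (getCanonicalHostName),
        // not from the host string the caller supplied, so the outcome depends on name
        // resolution being trustworthy. Comparing against m_connectInfo.getHost() directly
        // would remove that dependency but would change which configurations connect.
        checkHosts(this.m_socketUtils.getCommonNameField(this.m_subjectName), InetAddress.getByName(this.m_connectInfo.getHost()).getCanonicalHostName());
    }

    /**
     * Reports whether the {@code IPoolProps.SSL_NO_HOST_VERIFY} protocol property is
     * set to {@code "1"}.
     */
    private boolean isHostVerificationDisabled() {
        try {
            return "1".equals(getProtocolProperties().getProperty(IPoolProps.SSL_NO_HOST_VERIFY, "0"));
        } catch (Exception ignored) {
            // Fail closed: if the property cannot be read, verification stays enabled.
            return false;
        }
    }

    /**
     * Throws when the certificate common name does not match the host name.
     *
     * @param commonName common name taken from the peer certificate subject, may be null
     * @param hostName canonical name of the host that was connected to, may be null
     * @throws NetworkProtocolException when either name is null or they do not match
     */
    private void checkHosts(String commonName, String hostName) throws NetworkProtocolException {
        if (this.m_loggingObj.ifLogBasic(this.m_debugLogEntries, this.m_debugLogIndex)) {
            this.m_loggingObj.logBasic(this.m_debugLogIndex, "Testing server certificate domain name.");
        }
        if (commonNameMatchesHost(commonName, hostName)) {
            return;
        }
        // Result unused; the call is retained because its side effects, if any, are not
        // visible from this file.
        this.m_sslInfo.getPeerCertificateInfo();
        NetworkProtocolException networkProtocolException = new NetworkProtocolException(5L, this.m_protocolTypeName, "The server domain 'CN=" + hostName + "' was not in the server certificate subject field.");
        this.m_loggingObj.logStackTrace(8318992936683450152L, new Object[]{"(host verify)"}, networkProtocolException);
        throw networkProtocolException;
    }

    /**
     * Matches a certificate common name, which may contain {@code *} wildcards, against a
     * host name without regard to ASCII case.
     *
     * <p>Each {@code *} matches characters within a single DNS label only, so
     * {@code *.example.com} matches {@code a.example.com} but not
     * {@code a.b.example.com}. Every other character of the common name is matched
     * literally, so regular-expression metacharacters in a certificate cannot widen
     * the match.
     */
    private static boolean commonNameMatchesHost(String commonName, String hostName) {
        if (commonName == null || hostName == null) {
            return false;
        }
        if (!commonName.contains("*")) {
            return hostName.equalsIgnoreCase(commonName);
        }
        StringBuilder regex = new StringBuilder();
        int start = 0;
        int star = commonName.indexOf('*', start);
        while (star >= 0) {
            // Quote the literal text between wildcards; a wildcard never crosses a dot.
            regex.append(Pattern.quote(commonName.substring(start, star))).append("[^.]*");
            start = star + 1;
            star = commonName.indexOf('*', start);
        }
        regex.append(Pattern.quote(commonName.substring(start)));
        return Pattern.compile(regex.toString(), Pattern.CASE_INSENSITIVE).matcher(hostName).matches();
    }

    /**
     * Fetches the SSL details of the current raw socket and, when basic logging is
     * enabled, writes their string form to the debug log.
     */
    private SSLSocketUtilsFull.SSLInfo getSSLInfo() throws IOException {
        SSLSocketUtilsFull.SSLInfo sSLInfo = (SSLSocketUtilsFull.SSLInfo) new SSLSocketUtilsFull().getSocketSSLInfo(rawSocket());
        if (this.m_loggingObj.ifLogBasic(this.m_debugLogEntries, this.m_debugLogIndex)) {
            this.m_loggingObj.logBasic(this.m_debugLogIndex, sSLInfo.toString(), (Object[]) null);
        }
        return sSLInfo;
    }

    /**
     * Returns the peer certificate subject name recorded by the most recent stream
     * request, or {@code null} if none has been recorded yet.
     */
    @Override // com.progress.ubroker.client.TcpClientProtocol, com.progress.ubroker.util.INetworkProtocol
    public String getSSLSubjectName() {
        return this.m_subjectName;
    }

    /**
     * Releases the superclass resources and the SSL client parameters held for this
     * protocol's session pool.
     */
    @Override // com.progress.ubroker.client.TcpClientProtocol, com.progress.ubroker.client.NetworkClientProtocol, com.progress.ubroker.util.INetworkProtocol
    public void release() throws Exception {
        super.release();
        ClientParams.release(this.m_poolName);
    }
}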
