package hudson.remoting;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.Socket;
import java.net.URL;
import java.nio.file.Path;
import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.ThreadFactory;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.annotation.concurrent.NotThreadSafe;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.eclipse.jetty.util.security.Constraint;
import org.jenkinsci.remoting.engine.JnlpAgentEndpoint;
import org.jenkinsci.remoting.engine.WorkDirManager;
import org.jenkinsci.remoting.protocol.IOHub;
import org.jenkinsci.remoting.protocol.cert.BlindTrustX509ExtendedTrustManager;
import org.jenkinsci.remoting.protocol.cert.DelegatingX509ExtendedTrustManager;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/remoting-3.21.jar:hudson/remoting/Engine.class
 */
@NotThreadSafe
/* loaded from: input_file:WEB-INF/jenkins-cli.jar:hudson/remoting/Engine.class */
public class Engine extends Thread {

    @Deprecated
    public final EngineListener listener;
    private List<URL> candidateUrls;
    private List<X509Certificate> candidateCertificates;

    @CheckForNull
    private URL hudsonUrl;
    private final String secretKey;
    public final String slaveName;
    private String credentials;
    private String tunnel;
    private boolean disableHttpsCertValidation;
    private boolean noReconnect;

    @CheckForNull
    private Path agentLog;
    private static final ThreadLocal<Engine> CURRENT = new ThreadLocal<>();
    private static final Logger LOGGER = Logger.getLogger(Engine.class.getName());
    static final int SOCKET_TIMEOUT = Integer.getInteger(Engine.class.getName() + ".socketTimeout", 1800000).intValue();
    private final ExecutorService executor = Executors.newCachedThreadPool(new ThreadFactory() { // from class: hudson.remoting.Engine.1
        private final ThreadFactory defaultFactory = Executors.defaultThreadFactory();

        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(Runnable runnable) {
            Thread newThread = this.defaultFactory.newThread(() -> {
                Engine.CURRENT.set(Engine.this);
                runnable.run();
            });
            newThread.setDaemon(true);
            newThread.setUncaughtExceptionHandler((thread, th) -> {
                Engine.LOGGER.log(Level.SEVERE, "Uncaught exception in thread " + thread, th);
            });
            return newThread;
        }
    });
    private final EngineListenerSplitter events = new EngineListenerSplitter();
    private String proxyCredentials = System.getProperty("proxyCredentials");
    private boolean keepAlive = true;

    @CheckForNull
    private JarCache jarCache = null;

    @CheckForNull
    private Path loggingConfigFilePath = null;

    @CheckForNull
    public Path workDir = null;

    @Nonnull
    public String internalDir = WorkDirManager.DirType.INTERNAL_DIR.getDefaultLocation();

    @Nonnull
    public boolean failIfWorkDirIsMissing = false;
    private DelegatingX509ExtendedTrustManager agentTrustManager = new DelegatingX509ExtendedTrustManager(new BlindTrustX509ExtendedTrustManager());

    public Engine(EngineListener engineListener, List<URL> list, String str, String str2) {
        this.listener = engineListener;
        this.events.add(engineListener);
        this.candidateUrls = list;
        this.secretKey = str;
        this.slaveName = str2;
        if (this.candidateUrls.isEmpty()) {
            throw new IllegalArgumentException("No URLs given");
        }
        setUncaughtExceptionHandler((thread, th) -> {
            LOGGER.log(Level.SEVERE, "Uncaught exception in Engine thread " + thread, th);
            interrupt();
        });
    }

    public synchronized void startEngine() throws IOException {
        startEngine(false);
    }

    void startEngine(boolean z) throws IOException {
        LOGGER.log(Level.INFO, "Using Remoting version: {0}", Launcher.VERSION);
        File file = null;
        if (this.workDir != null) {
            WorkDirManager workDirManager = WorkDirManager.getInstance();
            if (this.jarCache != null) {
                workDirManager.disable(WorkDirManager.DirType.JAR_CACHE_DIR);
            }
            if (this.loggingConfigFilePath != null) {
                workDirManager.setLoggingConfig(this.loggingConfigFilePath.toFile());
            }
            Path initializeWorkDir = workDirManager.initializeWorkDir(this.workDir.toFile(), this.internalDir, this.failIfWorkDirIsMissing);
            file = workDirManager.getLocation(WorkDirManager.DirType.JAR_CACHE_DIR);
            workDirManager.setupLogging(initializeWorkDir, this.agentLog);
        } else if (this.jarCache == null) {
            LOGGER.log(Level.WARNING, "No Working Directory. Using the legacy JAR Cache location: {0}", JarCache.DEFAULT_NOWS_JAR_CACHE_LOCATION);
            file = JarCache.DEFAULT_NOWS_JAR_CACHE_LOCATION;
        }
        if (this.jarCache != null) {
            LOGGER.log(Level.INFO, "Using custom JAR Cache: {0}", this.jarCache);
        } else {
            if (file == null) {
                throw new IOException("Cannot find the JAR Cache location");
            }
            LOGGER.log(Level.FINE, "Using standard File System JAR Cache. Root Directory is {0}", file);
            try {
                this.jarCache = new FileSystemJarCache(file, true);
            } catch (IllegalArgumentException e) {
                throw new IOException("Failed to initialize FileSystem JAR Cache in " + file, e);
            }
        }
        if (z) {
            return;
        }
        start();
    }

    public void setJarCache(@Nonnull JarCache jarCache) {
        this.jarCache = jarCache;
    }

    public void setLoggingConfigFile(@Nonnull Path path) {
        this.loggingConfigFilePath = path;
    }

    @CheckForNull
    public URL getHudsonUrl() {
        return this.hudsonUrl;
    }

    public void setTunnel(String str) {
        this.tunnel = str;
    }

    public void setCredentials(String str) {
        this.credentials = str;
    }

    public void setProxyCredentials(String str) {
        this.proxyCredentials = str;
    }

    public void setNoReconnect(boolean z) {
        this.noReconnect = z;
    }

    public boolean isDisableHttpsCertValidation() {
        return this.disableHttpsCertValidation;
    }

    public void setDisableHttpsCertValidation(boolean z) {
        this.disableHttpsCertValidation = z;
    }

    public void setAgentLog(@CheckForNull Path path) {
        this.agentLog = path;
    }

    public void setWorkDir(@CheckForNull Path path) {
        this.workDir = path;
    }

    public void setInternalDir(@Nonnull String str) {
        this.internalDir = str;
    }

    public void setFailIfWorkDirIsMissing(boolean z) {
        this.failIfWorkDirIsMissing = z;
    }

    public boolean isKeepAlive() {
        return this.keepAlive;
    }

    public void setKeepAlive(boolean z) {
        this.keepAlive = z;
    }

    public void setCandidateCertificates(List<X509Certificate> list) {
        this.candidateCertificates = list == null ? null : new ArrayList(list);
    }

    public void addCandidateCertificate(X509Certificate x509Certificate) {
        if (this.candidateCertificates == null) {
            this.candidateCertificates = new ArrayList();
        }
        this.candidateCertificates.add(x509Certificate);
    }

    public void addListener(EngineListener engineListener) {
        this.events.add(engineListener);
    }

    public void removeListener(EngineListener engineListener) {
        this.events.remove(engineListener);
    }

    @Override // java.lang.Thread, java.lang.Runnable
    public void run() {
        try {
            IOHub create = IOHub.create(this.executor);
            try {
                try {
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    char[] charArray = "password".toCharArray();
                    try {
                        KeyStore keyStore = KeyStore.getInstance("JKS");
                        try {
                            keyStore.load(null, charArray);
                            try {
                                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                                try {
                                    keyManagerFactory.init(keyStore, charArray);
                                    try {
                                        sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{this.agentTrustManager}, null);
                                        innerRun(create, sSLContext, this.executor);
                                        create.close();
                                    } catch (KeyManagementException e) {
                                        this.events.error(e);
                                        create.close();
                                    }
                                } catch (KeyStoreException e2) {
                                    throw new IllegalStateException(e2);
                                } catch (NoSuchAlgorithmException e3) {
                                    throw new IllegalStateException(e3);
                                } catch (UnrecoverableKeyException e4) {
                                    throw new IllegalStateException(e4);
                                }
                            } catch (NoSuchAlgorithmException e5) {
                                throw new IllegalStateException("Java runtime specification requires support for default key manager", e5);
                            }
                        } catch (NoSuchAlgorithmException e6) {
                            throw new IllegalStateException("Java runtime specification requires support for JKS key store", e6);
                        } catch (CertificateException e7) {
                            throw new IllegalStateException("Empty keystore", e7);
                        }
                    } catch (KeyStoreException e8) {
                        throw new IllegalStateException("Java runtime specification requires support for JKS key store", e8);
                    }
                } catch (NoSuchAlgorithmException e9) {
                    throw new IllegalStateException("Java runtime specification requires support for TLS algorithm", e9);
                }
            } catch (Throwable th) {
                create.close();
                throw th;
            }
        } catch (IOException e10) {
            this.events.error(e10);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:79:0x0344, code lost:
    
        onConnectionRejected("None of the protocols are enabled");
     */
    /* JADX WARN: Code restructure failed: missing block: B:80:0x034c, code lost:
    
        if (r24 == null) goto L131;
     */
    /* JADX WARN: Code restructure failed: missing block: B:82:0x034f, code lost:
    
        r24.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:84:?, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:85:0x0357, code lost:
    
        r27 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:86:0x0359, code lost:
    
        r12.events.status("Failed to close socket", r27);
     */
    /* JADX WARN: Code restructure failed: missing block: B:87:0x0364, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:88:?, code lost:
    
        return;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void innerRun(org.jenkinsci.remoting.protocol.IOHub r13, javax.net.ssl.SSLContext r14, java.util.concurrent.ExecutorService r15) {
        /*
            Method dump skipped, instructions count: 1023
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: hudson.remoting.Engine.innerRun(org.jenkinsci.remoting.protocol.IOHub, javax.net.ssl.SSLContext, java.util.concurrent.ExecutorService):void");
    }

    private void onConnectionRejected(String str) throws InterruptedException {
        this.events.error(new Exception("The server rejected the connection: " + str));
        Thread.sleep(10000L);
    }

    private Socket connect(@Nonnull JnlpAgentEndpoint jnlpAgentEndpoint) throws IOException, InterruptedException {
        String str = "Connecting to " + jnlpAgentEndpoint.getHost() + ':' + jnlpAgentEndpoint.getPort();
        this.events.status(str);
        int i = 1;
        while (true) {
            try {
                Socket open = jnlpAgentEndpoint.open(SOCKET_TIMEOUT);
                open.setKeepAlive(this.keepAlive);
                return open;
            } catch (IOException e) {
                int i2 = i;
                i++;
                if (i2 > 10) {
                    throw e;
                }
                Thread.sleep(10000L);
                this.events.status(str + " (retrying:" + i + ")", e);
            }
        }
    }

    public static Engine current() {
        return CURRENT.get();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyStore getCacertsKeyStore() throws PrivilegedActionException, KeyStoreException, NoSuchProviderException, CertificateException, NoSuchAlgorithmException, IOException {
        File file;
        Map map = (Map) AccessController.doPrivileged(new PrivilegedExceptionAction<Map<String, String>>() { // from class: hudson.remoting.Engine.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Map<String, String> run() throws Exception {
                HashMap hashMap = new HashMap();
                hashMap.put("trustStore", System.getProperty("javax.net.ssl.trustStore"));
                hashMap.put("javaHome", System.getProperty("java.home"));
                hashMap.put("trustStoreType", System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType()));
                hashMap.put("trustStoreProvider", System.getProperty("javax.net.ssl.trustStoreProvider", ""));
                hashMap.put("trustStorePasswd", System.getProperty("javax.net.ssl.trustStorePassword", ""));
                return hashMap;
            }
        });
        KeyStore keyStore = null;
        FileInputStream fileInputStream = null;
        try {
            String str = (String) map.get("trustStore");
            if (!Constraint.NONE.equals(str)) {
                if (str != null) {
                    file = new File(str);
                    fileInputStream = getFileInputStream(file);
                } else {
                    String str2 = (String) map.get("javaHome");
                    file = new File(str2 + File.separator + org.apache.tools.ant.launch.Launcher.ANT_PRIVATELIB + File.separator + "security" + File.separator + "jssecacerts");
                    FileInputStream fileInputStream2 = getFileInputStream(file);
                    fileInputStream = fileInputStream2;
                    if (fileInputStream2 == null) {
                        file = new File(str2 + File.separator + org.apache.tools.ant.launch.Launcher.ANT_PRIVATELIB + File.separator + "security" + File.separator + "cacerts");
                        fileInputStream = getFileInputStream(file);
                    }
                }
                str = fileInputStream != null ? file.getPath() : "No File Available, using empty keystore.";
            }
            String str3 = (String) map.get("trustStoreType");
            String str4 = (String) map.get("trustStoreProvider");
            LOGGER.log(Level.FINE, "trustStore is: {0}", str);
            LOGGER.log(Level.FINE, "trustStore type is: {0}", str3);
            LOGGER.log(Level.FINE, "trustStore provider is: {0}", str4);
            if (str3.length() != 0) {
                LOGGER.log(Level.FINE, "init truststore");
                keyStore = str4.length() == 0 ? KeyStore.getInstance(str3) : KeyStore.getInstance(str3, str4);
                String str5 = (String) map.get("trustStorePasswd");
                char[] charArray = str5.length() != 0 ? str5.toCharArray() : null;
                keyStore.load(fileInputStream, charArray);
                if (charArray != null) {
                    for (int i = 0; i < charArray.length; i++) {
                        charArray[i] = 0;
                    }
                }
            }
            return keyStore;
        } finally {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        }
    }

    @CheckForNull
    private static FileInputStream getFileInputStream(final File file) throws PrivilegedActionException {
        return (FileInputStream) AccessController.doPrivileged(new PrivilegedExceptionAction<FileInputStream>() { // from class: hudson.remoting.Engine.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public FileInputStream run() throws Exception {
                try {
                    if (file.exists()) {
                        return new FileInputStream(file);
                    }
                    return null;
                } catch (FileNotFoundException e) {
                    return null;
                }
            }
        });
    }

    private SSLSocketFactory getSSLSocketFactory() throws PrivilegedActionException, KeyStoreException, NoSuchProviderException, CertificateException, NoSuchAlgorithmException, IOException, KeyManagementException {
        SSLSocketFactory sSLSocketFactory = null;
        if (this.candidateCertificates != null && !this.candidateCertificates.isEmpty()) {
            KeyStore cacertsKeyStore = getCacertsKeyStore();
            cacertsKeyStore.load(null, null);
            int i = 0;
            Iterator<X509Certificate> it = this.candidateCertificates.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                cacertsKeyStore.setCertificateEntry(String.format("alias-%d", Integer.valueOf(i2)), it.next());
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(cacertsKeyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            sSLSocketFactory = sSLContext.getSocketFactory();
        }
        return sSLSocketFactory;
    }
}
