package hudson.remoting;

import hudson.remoting.Channel;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.URL;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.ThreadFactory;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.CheckForNull;
import javax.annotation.concurrent.NotThreadSafe;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.eclipse.jetty.util.security.Constraint;
import org.fusesource.jansi.AnsiRenderer;
import org.jenkinsci.remoting.engine.EngineUtil;
import org.jenkinsci.remoting.engine.JnlpProtocol;
import org.jenkinsci.remoting.engine.JnlpProtocolFactory;
import org.springframework.aop.framework.autoproxy.target.QuickTargetSourceCreator;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/jenkins-cli.jar:hudson/remoting/Engine.class
  input_file:WEB-INF/lib/remoting-2.57.jar:hudson/remoting/Engine.class
  input_file:WEB-INF/slave.jar:hudson/remoting/Engine.class
 */
@NotThreadSafe
/* loaded from: input_file:WEB-INF/remoting.jar:hudson/remoting/Engine.class */
public class Engine extends Thread {

    @Deprecated
    public final EngineListener listener;
    private List<URL> candidateUrls;
    private List<X509Certificate> candidateCertificates;
    private URL hudsonUrl;
    private final String secretKey;
    public final String slaveName;
    private String credentials;
    private String tunnel;
    private boolean noReconnect;
    private static final ThreadLocal<Engine> CURRENT = new ThreadLocal<>();
    private static final Logger LOGGER = Logger.getLogger(Engine.class.getName());

    @Deprecated
    public static final String GREETING_SUCCESS = "Welcome";
    private final ExecutorService executor = Executors.newCachedThreadPool(new ThreadFactory() { // from class: hudson.remoting.Engine.1
        private final ThreadFactory defaultFactory = Executors.defaultThreadFactory();

        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(final Runnable runnable) {
            Thread newThread = this.defaultFactory.newThread(new Runnable() { // from class: hudson.remoting.Engine.1.1
                @Override // java.lang.Runnable
                public void run() {
                    Engine.CURRENT.set(Engine.this);
                    runnable.run();
                }
            });
            newThread.setDaemon(true);
            return newThread;
        }
    });
    private final EngineListenerSplitter events = new EngineListenerSplitter();
    private String proxyCredentials = System.getProperty("proxyCredentials");
    private JarCache jarCache = new FileSystemJarCache(new File(System.getProperty(org.apache.tools.ant.launch.Launcher.USER_HOMEDIR), ".jenkins/cache/jars"), true);

    public Engine(EngineListener engineListener, List<URL> list, String str, String str2) {
        this.listener = engineListener;
        this.events.add(engineListener);
        this.candidateUrls = list;
        this.secretKey = str;
        this.slaveName = str2;
        if (this.candidateUrls.isEmpty()) {
            throw new IllegalArgumentException("No URLs given");
        }
    }

    public void setJarCache(JarCache jarCache) {
        this.jarCache = jarCache;
    }

    public URL getHudsonUrl() {
        return this.hudsonUrl;
    }

    public void setTunnel(String str) {
        this.tunnel = str;
    }

    public void setCredentials(String str) {
        this.credentials = str;
    }

    public void setProxyCredentials(String str) {
        this.proxyCredentials = str;
    }

    public void setNoReconnect(boolean z) {
        this.noReconnect = z;
    }

    public void setCandidateCertificates(List<X509Certificate> list) {
        this.candidateCertificates = list == null ? null : new ArrayList(list);
    }

    public void addCandidateCertificate(X509Certificate x509Certificate) {
        if (this.candidateCertificates == null) {
            this.candidateCertificates = new ArrayList();
        }
        this.candidateCertificates.add(x509Certificate);
    }

    public void addListener(EngineListener engineListener) {
        this.events.add(engineListener);
    }

    public void removeListener(EngineListener engineListener) {
        this.events.remove(engineListener);
    }

    /* JADX WARN: Finally extract failed */
    @Override // java.lang.Thread, java.lang.Runnable
    public void run() {
        List<JnlpProtocol> createProtocols = JnlpProtocolFactory.createProtocols(this.secretKey, this.slaveName, this.events);
        boolean z = true;
        while (true) {
            if (z) {
                z = false;
            } else if (this.noReconnect) {
                return;
            }
            try {
                this.events.status("Locating server among " + this.candidateUrls);
                Throwable th = null;
                String str = null;
                String str2 = null;
                SSLSocketFactory sSLSocketFactory = null;
                if (this.candidateCertificates != null && !this.candidateCertificates.isEmpty()) {
                    KeyStore cacertsKeyStore = getCacertsKeyStore();
                    cacertsKeyStore.load(null, null);
                    int i = 0;
                    Iterator<X509Certificate> it = this.candidateCertificates.iterator();
                    while (it.hasNext()) {
                        int i2 = i;
                        i++;
                        cacertsKeyStore.setCertificateEntry(String.format("alias-%d", Integer.valueOf(i2)), it.next());
                    }
                    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                    trustManagerFactory.init(cacertsKeyStore);
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
                    sSLSocketFactory = sSLContext.getSocketFactory();
                }
                Iterator<URL> it2 = this.candidateUrls.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    }
                    URL next = it2.next();
                    String externalForm = next.toExternalForm();
                    if (!externalForm.endsWith("/")) {
                        externalForm = externalForm + '/';
                    }
                    URL url = new URL(externalForm + "tcpSlaveAgentListener/");
                    HttpURLConnection httpURLConnection = (HttpURLConnection) Util.openURLConnection(url);
                    if ((httpURLConnection instanceof HttpsURLConnection) && sSLSocketFactory != null) {
                        ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(sSLSocketFactory);
                    }
                    if (this.credentials != null) {
                        httpURLConnection.setRequestProperty("Authorization", "Basic " + Base64.encode(this.credentials.getBytes("UTF-8")));
                    }
                    if (this.proxyCredentials != null) {
                        httpURLConnection.setRequestProperty("Proxy-Authorization", "Basic " + Base64.encode(this.proxyCredentials.getBytes("UTF-8")));
                    }
                    try {
                        try {
                            httpURLConnection.setConnectTimeout(30000);
                            httpURLConnection.setReadTimeout(60000);
                            httpURLConnection.connect();
                            str2 = httpURLConnection.getHeaderField("X-Hudson-JNLP-Port");
                            if (httpURLConnection.getResponseCode() != 200) {
                                if (th == null) {
                                    th = new Exception(url + " is invalid: " + httpURLConnection.getResponseCode() + AnsiRenderer.CODE_TEXT_SEPARATOR + httpURLConnection.getResponseMessage());
                                }
                                httpURLConnection.disconnect();
                            } else if (str2 == null) {
                                if (th == null) {
                                    th = new Exception(next + " is not Jenkins");
                                }
                                httpURLConnection.disconnect();
                            } else {
                                str = httpURLConnection.getHeaderField("X-Jenkins-JNLP-Host");
                                if (str == null) {
                                    str = next.getHost();
                                }
                                httpURLConnection.disconnect();
                                this.hudsonUrl = next;
                                th = null;
                                this.candidateUrls = Collections.singletonList(this.hudsonUrl);
                            }
                        } catch (Throwable th2) {
                            httpURLConnection.disconnect();
                            throw th2;
                        }
                    } catch (IOException e) {
                        if (th == null) {
                            th = new IOException("Failed to connect to " + url + ": " + e.getMessage()).initCause(e);
                        }
                        httpURLConnection.disconnect();
                    }
                }
                if (th != null) {
                    this.events.error(th);
                    return;
                }
                this.events.status("Handshaking");
                Socket connect = connect(str, str2);
                ChannelBuilder withMode = new ChannelBuilder("channel", this.executor).withJarCache(this.jarCache).withMode(Channel.Mode.BINARY);
                Channel channel = null;
                for (JnlpProtocol jnlpProtocol : createProtocols) {
                    this.events.status("Trying protocol: " + jnlpProtocol.getName());
                    try {
                        channel = jnlpProtocol.establishChannel(connect, withMode);
                    } catch (IOException e2) {
                        this.events.status("Protocol failed to establish channel", e2);
                    }
                    if (channel != null) {
                        break;
                    }
                    connect.close();
                    connect = connect(str, str2);
                }
                if (channel == null) {
                    onConnectionRejected("None of the protocols were accepted");
                } else {
                    this.events.status("Connected");
                    channel.join();
                    this.events.status("Terminated");
                    if (this.noReconnect) {
                        return;
                    }
                    this.events.onDisconnect();
                    waitForServerToBack();
                    this.events.onReconnect();
                }
            } catch (Throwable th3) {
                this.events.error(th3);
                return;
            }
        }
    }

    private void onConnectionRejected(String str) throws InterruptedException {
        this.events.error(new Exception("The server rejected the connection: " + str));
        Thread.sleep(10000L);
    }

    private Socket connect(String str, String str2) throws IOException, InterruptedException {
        if (this.tunnel != null) {
            String[] split = this.tunnel.split(QuickTargetSourceCreator.PREFIX_COMMONS_POOL, 3);
            if (split.length != 2) {
                throw new IOException("Illegal tunneling parameter: " + this.tunnel);
            }
            if (split[0].length() > 0) {
                str = split[0];
            }
            if (split[1].length() > 0) {
                str2 = split[1];
            }
        }
        String str3 = "Connecting to " + str + ':' + str2;
        this.events.status(str3);
        int i = 1;
        while (true) {
            boolean z = false;
            InetSocketAddress inetSocketAddress = null;
            try {
                InetSocketAddress resolvedHttpProxyAddress = Util.getResolvedHttpProxyAddress(str, Integer.parseInt(str2));
                if (resolvedHttpProxyAddress == null) {
                    resolvedHttpProxyAddress = new InetSocketAddress(str, Integer.parseInt(str2));
                } else {
                    z = true;
                }
                Socket socket = new Socket();
                socket.connect(resolvedHttpProxyAddress);
                socket.setTcpNoDelay(true);
                socket.setSoTimeout(1800000);
                if (z) {
                    socket.getOutputStream().write(String.format("CONNECT %s:%s HTTP/1.1\r\nHost: %s\r\n\r\n", str, str2, str).getBytes("UTF-8"));
                    BufferedInputStream bufferedInputStream = new BufferedInputStream(socket.getInputStream());
                    String readLine = EngineUtil.readLine(bufferedInputStream);
                    String[] split2 = readLine.split(AnsiRenderer.CODE_TEXT_SEPARATOR);
                    if (split2.length < 2 || !split2[1].equals("200")) {
                        throw new IOException("Got a bad response from proxy: " + readLine);
                    }
                    do {
                    } while (!EngineUtil.readLine(bufferedInputStream).isEmpty());
                }
                return socket;
            } catch (IOException e) {
                int i2 = i;
                i++;
                if (i2 > 10) {
                    throw new IOException("Failed to connect to " + str + ':' + str2 + (0 != 0 ? " through proxy " + inetSocketAddress.toString() : ""), e);
                }
                Thread.sleep(10000L);
                this.events.status(str3 + " (retrying:" + i + ")", e);
            }
        }
    }

    private void waitForServerToBack() throws InterruptedException {
        HttpURLConnection httpURLConnection;
        Thread currentThread = Thread.currentThread();
        String name = currentThread.getName();
        int i = 0;
        while (true) {
            try {
                Thread.sleep(10000L);
                try {
                    URL url = new URL(this.hudsonUrl, "tcpSlaveAgentListener/");
                    i++;
                    currentThread.setName(name + ": trying " + url + " for " + i + " times");
                    httpURLConnection = (HttpURLConnection) url.openConnection();
                    httpURLConnection.setConnectTimeout(5000);
                    httpURLConnection.setReadTimeout(5000);
                    httpURLConnection.connect();
                } catch (IOException e) {
                    LOGGER.log(Level.INFO, "Failed to connect to the master. Will retry again", (Throwable) e);
                }
                if (httpURLConnection.getResponseCode() == 200) {
                    return;
                } else {
                    LOGGER.info("Master isn't ready to talk to us. Will retry again: response code=" + httpURLConnection.getResponseCode());
                }
            } finally {
                currentThread.setName(name);
            }
        }
    }

    public static Engine current() {
        return CURRENT.get();
    }

    private static KeyStore getCacertsKeyStore() throws PrivilegedActionException, KeyStoreException, NoSuchProviderException, CertificateException, NoSuchAlgorithmException, IOException {
        File file;
        Map map = (Map) AccessController.doPrivileged(new PrivilegedExceptionAction<Map<String, String>>() { // from class: hudson.remoting.Engine.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Map<String, String> run() throws Exception {
                HashMap hashMap = new HashMap();
                hashMap.put("trustStore", System.getProperty("javax.net.ssl.trustStore"));
                hashMap.put("javaHome", System.getProperty("java.home"));
                hashMap.put("trustStoreType", System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType()));
                hashMap.put("trustStoreProvider", System.getProperty("javax.net.ssl.trustStoreProvider", ""));
                hashMap.put("trustStorePasswd", System.getProperty("javax.net.ssl.trustStorePassword", ""));
                return hashMap;
            }
        });
        KeyStore keyStore = null;
        FileInputStream fileInputStream = null;
        try {
            String str = (String) map.get("trustStore");
            if (!Constraint.NONE.equals(str)) {
                if (str != null) {
                    file = new File(str);
                    fileInputStream = getFileInputStream(file);
                } else {
                    String str2 = (String) map.get("javaHome");
                    file = new File(str2 + File.separator + org.apache.tools.ant.launch.Launcher.ANT_PRIVATELIB + File.separator + "security" + File.separator + "jssecacerts");
                    FileInputStream fileInputStream2 = getFileInputStream(file);
                    fileInputStream = fileInputStream2;
                    if (fileInputStream2 == null) {
                        file = new File(str2 + File.separator + org.apache.tools.ant.launch.Launcher.ANT_PRIVATELIB + File.separator + "security" + File.separator + "cacerts");
                        fileInputStream = getFileInputStream(file);
                    }
                }
                str = fileInputStream != null ? file.getPath() : "No File Available, using empty keystore.";
            }
            String str3 = (String) map.get("trustStoreType");
            String str4 = (String) map.get("trustStoreProvider");
            LOGGER.log(Level.FINE, "trustStore is: {0}", str);
            LOGGER.log(Level.FINE, "trustStore type is: {0}", str3);
            LOGGER.log(Level.FINE, "trustStore provider is: {0}", str4);
            if (str3.length() != 0) {
                LOGGER.log(Level.FINE, "init truststore");
                keyStore = str4.length() == 0 ? KeyStore.getInstance(str3) : KeyStore.getInstance(str3, str4);
                String str5 = (String) map.get("trustStorePasswd");
                char[] charArray = str5.length() != 0 ? str5.toCharArray() : null;
                keyStore.load(fileInputStream, charArray);
                if (charArray != null) {
                    for (int i = 0; i < charArray.length; i++) {
                        charArray[i] = 0;
                    }
                }
            }
            return keyStore;
        } finally {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        }
    }

    @CheckForNull
    private static FileInputStream getFileInputStream(final File file) throws PrivilegedActionException {
        return (FileInputStream) AccessController.doPrivileged(new PrivilegedExceptionAction<FileInputStream>() { // from class: hudson.remoting.Engine.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public FileInputStream run() throws Exception {
                try {
                    if (file.exists()) {
                        return new FileInputStream(file);
                    }
                    return null;
                } catch (FileNotFoundException e) {
                    return null;
                }
            }
        });
    }
}
