package hudson.remoting;

import edu.umd.cs.findbugs.annotations.CheckForNull;
import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import hudson.remoting.Channel;
import io.jenkins.remoting.shaded.jakarta.websocket.ClientEndpointConfig;
import io.jenkins.remoting.shaded.jakarta.websocket.CloseReason;
import io.jenkins.remoting.shaded.jakarta.websocket.ContainerProvider;
import io.jenkins.remoting.shaded.jakarta.websocket.Endpoint;
import io.jenkins.remoting.shaded.jakarta.websocket.EndpointConfig;
import io.jenkins.remoting.shaded.jakarta.websocket.HandshakeResponse;
import io.jenkins.remoting.shaded.jakarta.websocket.Session;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.URI;
import java.net.URL;
import java.nio.ByteBuffer;
import java.nio.file.Path;
import java.security.AccessController;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivilegedActionException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import net.jcip.annotations.NotThreadSafe;
import org.jenkinsci.remoting.engine.Jnlp4ConnectionState;
import org.jenkinsci.remoting.engine.JnlpAgentEndpoint;
import org.jenkinsci.remoting.engine.JnlpAgentEndpointConfigurator;
import org.jenkinsci.remoting.engine.JnlpAgentEndpointResolver;
import org.jenkinsci.remoting.engine.JnlpConnectionState;
import org.jenkinsci.remoting.engine.JnlpConnectionStateListener;
import org.jenkinsci.remoting.engine.JnlpEndpointResolver;
import org.jenkinsci.remoting.engine.WorkDirManager;
import org.jenkinsci.remoting.protocol.IOHub;
import org.jenkinsci.remoting.protocol.cert.BlindTrustX509ExtendedTrustManager;
import org.jenkinsci.remoting.protocol.cert.DelegatingX509ExtendedTrustManager;
import org.jenkinsci.remoting.protocol.impl.ConnectionRefusalException;
import org.jenkinsci.remoting.util.KeyUtils;
import org.jenkinsci.remoting.util.VersionNumber;

@NotThreadSafe
/* loaded from: input_file:swarm-client.jar:hudson/remoting/Engine.class */
public class Engine extends Thread {
    public static final String REMOTING_MINIMUM_VERSION_HEADER = "X-Remoting-Minimum-Version";
    public static final String WEBSOCKET_COOKIE_HEADER = "Connection-Cookie";
    private final ExecutorService executor;

    @Deprecated
    public final EngineListener listener;
    private final EngineListenerSplitter events;
    private final List<URL> candidateUrls;
    private List<X509Certificate> candidateCertificates;

    @CheckForNull
    private URL hudsonUrl;
    private final String secretKey;
    private final String agentName;
    private boolean webSocket;
    private Map<String, String> webSocketHeaders;
    private String credentials;
    private String protocolName;
    private String proxyCredentials;

    @CheckForNull
    private String tunnel;
    private boolean disableHttpsCertValidation;
    private boolean noReconnect;
    private boolean keepAlive;

    @CheckForNull
    private JarCache jarCache;

    @CheckForNull
    private Path agentLog;

    @CheckForNull
    private Path loggingConfigFilePath;

    @CheckForNull
    public Path workDir;

    @NonNull
    public String internalDir;
    public boolean failIfWorkDirIsMissing;
    private final DelegatingX509ExtendedTrustManager agentTrustManager;
    private final String directConnection;
    private final String instanceIdentity;
    private final Set<String> protocols;
    private static final ThreadLocal<Engine> CURRENT = new ThreadLocal<>();
    private static final Logger LOGGER = Logger.getLogger(Engine.class.getName());
    static final int SOCKET_TIMEOUT = Integer.getInteger(Engine.class.getName() + ".socketTimeout", 1800000).intValue();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: hudson.remoting.Engine$1HeaderHandler, reason: invalid class name */
    /* loaded from: input_file:swarm-client.jar:hudson/remoting/Engine$1HeaderHandler.class */
    public class C1HeaderHandler extends ClientEndpointConfig.Configurator {
        Capability remoteCapability = new Capability();
        final /* synthetic */ Map val$addedHeaders;

        C1HeaderHandler(Map map) {
            this.val$addedHeaders = map;
        }

        @Override // io.jenkins.remoting.shaded.jakarta.websocket.ClientEndpointConfig.Configurator
        public void beforeRequest(Map<String, List<String>> map) {
            map.putAll(this.val$addedHeaders);
            Engine.LOGGER.fine(() -> {
                return "Sending: " + map;
            });
        }

        @Override // io.jenkins.remoting.shaded.jakarta.websocket.ClientEndpointConfig.Configurator
        public void afterResponse(HandshakeResponse handshakeResponse) {
            Engine.LOGGER.fine(() -> {
                return "Receiving: " + handshakeResponse.getHeaders();
            });
            List<String> list = handshakeResponse.getHeaders().get(Engine.REMOTING_MINIMUM_VERSION_HEADER);
            if (list != null && !list.isEmpty()) {
                VersionNumber versionNumber = new VersionNumber(list.get(0));
                if (new VersionNumber(Launcher.VERSION).isOlderThan(versionNumber)) {
                    Engine.this.events.error(new IOException("Agent version " + versionNumber + " or newer is required."));
                }
            }
            try {
                List<String> list2 = handshakeResponse.getHeaders().get(Engine.WEBSOCKET_COOKIE_HEADER);
                if (list2 == null || list2.isEmpty()) {
                    this.val$addedHeaders.remove(Engine.WEBSOCKET_COOKIE_HEADER);
                } else {
                    this.val$addedHeaders.put(Engine.WEBSOCKET_COOKIE_HEADER, List.of(list2.get(0)));
                }
                this.remoteCapability = Capability.fromASCII(handshakeResponse.getHeaders().get(Capability.KEY).get(0));
                Engine.LOGGER.fine(() -> {
                    return "received " + this.remoteCapability;
                });
            } catch (IOException e) {
                Engine.this.events.error(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:swarm-client.jar:hudson/remoting/Engine$EngineJnlpConnectionStateListener.class */
    public class EngineJnlpConnectionStateListener extends JnlpConnectionStateListener {
        private final RSAPublicKey publicKey;
        private final Map<String, String> headers;

        public EngineJnlpConnectionStateListener(RSAPublicKey rSAPublicKey, Map<String, String> map) {
            this.publicKey = rSAPublicKey;
            this.headers = map;
        }

        @Override // org.jenkinsci.remoting.engine.JnlpConnectionStateListener
        public void beforeProperties(@NonNull JnlpConnectionState jnlpConnectionState) {
            X509Certificate certificate;
            if (!(jnlpConnectionState instanceof Jnlp4ConnectionState) || (certificate = ((Jnlp4ConnectionState) jnlpConnectionState).getCertificate()) == null) {
                return;
            }
            String fingerprint = KeyUtils.fingerprint(certificate.getPublicKey());
            if (!KeyUtils.equals(this.publicKey, certificate.getPublicKey())) {
                jnlpConnectionState.reject(new ConnectionRefusalException("Expecting identity " + fingerprint));
            }
            Engine.this.events.status("Remote identity confirmed: " + fingerprint);
        }

        @Override // org.jenkinsci.remoting.engine.JnlpConnectionStateListener
        public void afterProperties(@NonNull JnlpConnectionState jnlpConnectionState) {
            jnlpConnectionState.approve();
        }

        @Override // org.jenkinsci.remoting.engine.JnlpConnectionStateListener
        public void beforeChannel(@NonNull JnlpConnectionState jnlpConnectionState) {
            ChannelBuilder withMode = jnlpConnectionState.getChannelBuilder().withMode(Channel.Mode.BINARY);
            if (Engine.this.jarCache != null) {
                withMode.withJarCache(Engine.this.jarCache);
            }
        }

        @Override // org.jenkinsci.remoting.engine.JnlpConnectionStateListener
        public void afterChannel(@NonNull JnlpConnectionState jnlpConnectionState) {
            String property = jnlpConnectionState.getProperty(JnlpConnectionState.COOKIE_KEY);
            if (property == null) {
                this.headers.remove(JnlpConnectionState.COOKIE_KEY);
            } else {
                this.headers.put(JnlpConnectionState.COOKIE_KEY, property);
            }
        }
    }

    public Engine(EngineListener engineListener, List<URL> list, String str, String str2) {
        this(engineListener, list, str, str2, null, null, null);
    }

    public Engine(EngineListener engineListener, List<URL> list, String str, String str2, String str3, String str4, Set<String> set) {
        this.executor = Executors.newCachedThreadPool(new ThreadFactory() { // from class: hudson.remoting.Engine.1
            private final ThreadFactory defaultFactory = Executors.defaultThreadFactory();

            @Override // java.util.concurrent.ThreadFactory
            public Thread newThread(@NonNull Runnable runnable) {
                Thread newThread = this.defaultFactory.newThread(() -> {
                    Engine.CURRENT.set(Engine.this);
                    runnable.run();
                });
                newThread.setDaemon(true);
                newThread.setUncaughtExceptionHandler((thread, th) -> {
                    Engine.LOGGER.log(Level.SEVERE, th, () -> {
                        return "Uncaught exception in thread " + thread;
                    });
                });
                return newThread;
            }
        });
        this.events = new EngineListenerSplitter();
        this.proxyCredentials = System.getProperty("proxyCredentials");
        this.disableHttpsCertValidation = false;
        this.noReconnect = false;
        this.keepAlive = true;
        this.jarCache = null;
        this.loggingConfigFilePath = null;
        this.workDir = null;
        this.internalDir = WorkDirManager.DirType.INTERNAL_DIR.getDefaultLocation();
        this.failIfWorkDirIsMissing = false;
        this.agentTrustManager = new DelegatingX509ExtendedTrustManager(new BlindTrustX509ExtendedTrustManager());
        this.listener = engineListener;
        this.directConnection = str3;
        this.events.add(engineListener);
        this.candidateUrls = (List) list.stream().map(Engine::ensureTrailingSlash).collect(Collectors.toList());
        this.secretKey = str;
        this.agentName = str2;
        this.instanceIdentity = str4;
        this.protocols = set;
        if (this.candidateUrls.isEmpty() && str4 == null) {
            throw new IllegalArgumentException("No URLs given");
        }
        setUncaughtExceptionHandler((thread, th) -> {
            LOGGER.log(Level.SEVERE, th, () -> {
                return "Uncaught exception in Engine thread " + thread;
            });
            interrupt();
        });
    }

    private static URL ensureTrailingSlash(URL url) {
        if (url.toString().endsWith("/")) {
            return url;
        }
        try {
            return new URL(url + "/");
        } catch (MalformedURLException e) {
            throw new IllegalArgumentException(e);
        }
    }

    public synchronized void startEngine() throws IOException {
        startEngine(false);
    }

    void startEngine(boolean z) throws IOException {
        LOGGER.log(Level.INFO, "Using Remoting version: {0}", Launcher.VERSION);
        File file = null;
        if (this.workDir != null) {
            WorkDirManager workDirManager = WorkDirManager.getInstance();
            if (this.jarCache != null) {
                workDirManager.disable(WorkDirManager.DirType.JAR_CACHE_DIR);
            }
            if (this.loggingConfigFilePath != null) {
                workDirManager.setLoggingConfig(this.loggingConfigFilePath.toFile());
            }
            Path initializeWorkDir = workDirManager.initializeWorkDir(this.workDir.toFile(), this.internalDir, this.failIfWorkDirIsMissing);
            file = workDirManager.getLocation(WorkDirManager.DirType.JAR_CACHE_DIR);
            workDirManager.setupLogging(initializeWorkDir, this.agentLog);
        } else if (this.jarCache == null) {
            LOGGER.log(Level.WARNING, "No Working Directory. Using the legacy JAR Cache location: {0}", JarCache.DEFAULT_NOWS_JAR_CACHE_LOCATION);
            file = JarCache.DEFAULT_NOWS_JAR_CACHE_LOCATION;
        }
        if (this.jarCache != null) {
            LOGGER.log(Level.INFO, "Using custom JAR Cache: {0}", this.jarCache);
        } else {
            if (file == null) {
                throw new IOException("Cannot find the JAR Cache location");
            }
            LOGGER.log(Level.FINE, "Using standard File System JAR Cache. Root Directory is {0}", file);
            try {
                this.jarCache = new FileSystemJarCache(file, true);
            } catch (IllegalArgumentException e) {
                throw new IOException("Failed to initialize FileSystem JAR Cache in " + file, e);
            }
        }
        if (z) {
            return;
        }
        start();
    }

    public void setJarCache(@NonNull JarCache jarCache) {
        this.jarCache = jarCache;
    }

    public void setLoggingConfigFile(@NonNull Path path) {
        this.loggingConfigFilePath = path;
    }

    @CheckForNull
    public URL getHudsonUrl() {
        return this.hudsonUrl;
    }

    public void setWebSocket(boolean z) {
        this.webSocket = z;
    }

    public void setWebSocketHeaders(@NonNull Map<String, String> map) {
        this.webSocketHeaders = map;
    }

    public void setTunnel(@CheckForNull String str) {
        this.tunnel = str;
    }

    public void setCredentials(String str) {
        this.credentials = str;
    }

    public void setProxyCredentials(String str) {
        this.proxyCredentials = str;
    }

    public void setNoReconnect(boolean z) {
        this.noReconnect = z;
    }

    public boolean isDisableHttpsCertValidation() {
        return this.disableHttpsCertValidation;
    }

    public void setDisableHttpsCertValidation(boolean z) {
        this.disableHttpsCertValidation = z;
    }

    public void setAgentLog(@CheckForNull Path path) {
        this.agentLog = path;
    }

    public void setWorkDir(@CheckForNull Path path) {
        this.workDir = path;
    }

    public void setInternalDir(@NonNull String str) {
        this.internalDir = str;
    }

    public void setFailIfWorkDirIsMissing(boolean z) {
        this.failIfWorkDirIsMissing = z;
    }

    public boolean isKeepAlive() {
        return this.keepAlive;
    }

    public void setKeepAlive(boolean z) {
        this.keepAlive = z;
    }

    public void setCandidateCertificates(List<X509Certificate> list) {
        this.candidateCertificates = list == null ? null : new ArrayList(list);
    }

    public void addCandidateCertificate(X509Certificate x509Certificate) {
        if (this.candidateCertificates == null) {
            this.candidateCertificates = new ArrayList();
        }
        this.candidateCertificates.add(x509Certificate);
    }

    public void addListener(EngineListener engineListener) {
        this.events.add(engineListener);
    }

    public void removeListener(EngineListener engineListener) {
        this.events.remove(engineListener);
    }

    @Override // java.lang.Thread, java.lang.Runnable
    @SuppressFBWarnings(value = {"HARD_CODE_PASSWORD"}, justification = "Password doesn't need to be protected.")
    public void run() {
        if (this.webSocket) {
            runWebSocket();
            return;
        }
        try {
            IOHub create = IOHub.create(this.executor);
            try {
                try {
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    char[] charArray = "password".toCharArray();
                    try {
                        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                        try {
                            keyStore.load(null, charArray);
                            try {
                                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                                try {
                                    keyManagerFactory.init(keyStore, charArray);
                                    try {
                                        sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{this.agentTrustManager}, null);
                                        innerRun(create, sSLContext, this.executor);
                                        if (create != null) {
                                            create.close();
                                        }
                                    } catch (KeyManagementException e) {
                                        this.events.error(e);
                                        if (create != null) {
                                            create.close();
                                        }
                                    }
                                } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e2) {
                                    throw new IllegalStateException(e2);
                                }
                            } catch (NoSuchAlgorithmException e3) {
                                throw new IllegalStateException("Java runtime specification requires support for default key manager", e3);
                            }
                        } catch (NoSuchAlgorithmException e4) {
                            throw new IllegalStateException("Java runtime specification requires support for JKS key store", e4);
                        } catch (CertificateException e5) {
                            throw new IllegalStateException("Empty keystore", e5);
                        }
                    } catch (KeyStoreException e6) {
                        throw new IllegalStateException("Java runtime specification requires support for JKS key store", e6);
                    }
                } finally {
                }
            } catch (NoSuchAlgorithmException e7) {
                throw new IllegalStateException("Java runtime specification requires support for TLS algorithm", e7);
            }
        } catch (IOException e8) {
            this.events.error(e8);
        }
    }

    @SuppressFBWarnings(value = {"REC_CATCH_EXCEPTION", "URLCONNECTION_SSRF_FD"}, justification = "checked exceptions were a mistake to begin with; connecting to Jenkins from agent")
    private void runWebSocket() {
        int responseCode;
        try {
            String ascii = new Capability().toASCII();
            HashMap hashMap = new HashMap();
            hashMap.put(JnlpConnectionState.CLIENT_NAME_KEY, List.of(this.agentName));
            hashMap.put(JnlpConnectionState.SECRET_KEY, List.of(this.secretKey));
            hashMap.put(Capability.KEY, List.of(ascii));
            if (this.webSocketHeaders != null) {
                for (Map.Entry<String, String> entry : this.webSocketHeaders.entrySet()) {
                    hashMap.put(entry.getKey(), List.of(entry.getValue()));
                }
            }
            while (true) {
                final AtomicReference atomicReference = new AtomicReference();
                final C1HeaderHandler c1HeaderHandler = new C1HeaderHandler(hashMap);
                this.hudsonUrl = this.candidateUrls.get(0);
                ContainerProvider.getWebSocketContainer().connectToServer(new Endpoint() { // from class: hudson.remoting.Engine.1AgentEndpoint

                    @SuppressFBWarnings(value = {"UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR"}, justification = "just trust me here")
                    Transport transport;

                    /* renamed from: hudson.remoting.Engine$1AgentEndpoint$Transport */
                    /* loaded from: input_file:swarm-client.jar:hudson/remoting/Engine$1AgentEndpoint$Transport.class */
                    class Transport extends AbstractByteBufferCommandTransport {
                        final Session session;

                        Transport(Session session) {
                            this.session = session;
                        }

                        @Override // hudson.remoting.AbstractByteBufferCommandTransport
                        protected void write(ByteBuffer byteBuffer, ByteBuffer byteBuffer2) throws IOException {
                            Engine.LOGGER.finest(() -> {
                                return "sending message of length + " + ChunkHeader.length(ChunkHeader.peek(byteBuffer));
                            });
                            this.session.getBasicRemote().sendBinary(byteBuffer, false);
                            this.session.getBasicRemote().sendBinary(byteBuffer2, true);
                        }

                        @Override // hudson.remoting.CommandTransport
                        public Capability getRemoteCapability() {
                            return c1HeaderHandler.remoteCapability;
                        }

                        @Override // hudson.remoting.CommandTransport
                        public void closeWrite() throws IOException {
                            Engine.this.events.status("Write side closed");
                            this.session.close();
                        }

                        @Override // hudson.remoting.CommandTransport
                        public void closeRead() throws IOException {
                            Engine.this.events.status("Read side closed");
                            this.session.close();
                        }
                    }

                    @Override // io.jenkins.remoting.shaded.jakarta.websocket.Endpoint
                    public void onOpen(Session session, EndpointConfig endpointConfig) {
                        Engine.this.events.status("WebSocket connection open");
                        session.addMessageHandler(ByteBuffer.class, this::onMessage);
                        try {
                            this.transport = new Transport(session);
                            atomicReference.set(new ChannelBuilder(Engine.this.agentName, Engine.this.executor).withJarCacheOrDefault(Engine.this.jarCache).build(this.transport));
                        } catch (IOException e) {
                            Engine.this.events.error(e);
                        }
                    }

                    private void onMessage(ByteBuffer byteBuffer) {
                        try {
                            this.transport.receive(byteBuffer);
                        } catch (IOException e) {
                            Engine.this.events.error(e);
                        } catch (InterruptedException e2) {
                            Engine.this.events.error(e2);
                            Thread.currentThread().interrupt();
                        }
                    }

                    @Override // io.jenkins.remoting.shaded.jakarta.websocket.Endpoint
                    @SuppressFBWarnings(value = {"RV_RETURN_VALUE_IGNORED_BAD_PRACTICE"}, justification = "We want the transport.terminate method to run asynchronously and don't want to wait for its status.")
                    public void onClose(Session session, CloseReason closeReason) {
                        Engine.LOGGER.fine(() -> {
                            return "onClose: " + closeReason;
                        });
                        ExecutorService executorService = ((Channel) atomicReference.get()).executor;
                        AtomicReference atomicReference2 = atomicReference;
                        executorService.submit(() -> {
                            this.transport.terminate(new ChannelClosedException((Channel) atomicReference2.get(), (Throwable) null));
                        });
                    }

                    @Override // io.jenkins.remoting.shaded.jakarta.websocket.Endpoint
                    @SuppressFBWarnings(value = {"RV_RETURN_VALUE_IGNORED_BAD_PRACTICE"}, justification = "We want the transport.terminate method to run asynchronously and don't want to wait for its status.")
                    public void onError(Session session, Throwable th) {
                        Engine.LOGGER.log(Level.FINE, (String) null, th);
                        ExecutorService executorService = ((Channel) atomicReference.get()).executor;
                        AtomicReference atomicReference2 = atomicReference;
                        executorService.submit(() -> {
                            this.transport.terminate(new ChannelClosedException((Channel) atomicReference2.get(), th));
                        });
                    }
                }, ClientEndpointConfig.Builder.create().configurator(c1HeaderHandler).build(), URI.create(this.hudsonUrl.toString().replaceFirst("^http", "ws") + "wsagents/"));
                while (atomicReference.get() == null) {
                    Thread.sleep(100L);
                }
                this.protocolName = "WebSocket";
                this.events.status("Connected");
                ((Channel) atomicReference.get()).join();
                this.events.status("Terminated");
                if (this.noReconnect) {
                    return;
                }
                this.events.onDisconnect();
                while (true) {
                    URL url = new URL(this.hudsonUrl, "login");
                    try {
                        HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
                        responseCode = httpURLConnection.getResponseCode();
                        httpURLConnection.disconnect();
                    } catch (IOException e) {
                        this.events.status(url + " is not ready", e);
                    }
                    if (responseCode == 200) {
                        break;
                    }
                    this.events.status(url + " is not ready: " + responseCode);
                    TimeUnit.SECONDS.sleep(10L);
                }
                reconnect();
            }
        } catch (Exception e2) {
            this.events.error(e2);
        }
    }

    private void reconnect() {
        try {
            this.events.status("Performing onReconnect operation.");
            this.events.onReconnect();
            this.events.status("onReconnect operation completed.");
        } catch (NoClassDefFoundError e) {
            this.events.status("onReconnect operation failed.");
            LOGGER.log(Level.WARNING, "Reconnection error.", (Throwable) e);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:77:0x02a3, code lost:
    
        onConnectionRejected("None of the protocols are enabled");
     */
    /* JADX WARN: Code restructure failed: missing block: B:78:0x02ac, code lost:
    
        if (r24 == null) goto L130;
     */
    /* JADX WARN: Code restructure failed: missing block: B:80:0x02af, code lost:
    
        r24.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:82:?, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:83:0x02b7, code lost:
    
        r27 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:84:0x02b9, code lost:
    
        r12.events.status("Failed to close socket", r27);
     */
    /* JADX WARN: Code restructure failed: missing block: B:85:0x02c5, code lost:
    
        return;
     */
    /* JADX WARN: Code restructure failed: missing block: B:86:?, code lost:
    
        return;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void innerRun(org.jenkinsci.remoting.protocol.IOHub r13, javax.net.ssl.SSLContext r14, java.util.concurrent.ExecutorService r15) {
        /*
            Method dump skipped, instructions count: 866
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: hudson.remoting.Engine.innerRun(org.jenkinsci.remoting.protocol.IOHub, javax.net.ssl.SSLContext, java.util.concurrent.ExecutorService):void");
    }

    private JnlpEndpointResolver createEndpointResolver(List<String> list) {
        JnlpEndpointResolver jnlpAgentEndpointConfigurator;
        if (this.directConnection == null) {
            SSLSocketFactory sSLSocketFactory = null;
            try {
                sSLSocketFactory = getSSLSocketFactory();
            } catch (Exception e) {
                this.events.error(e);
            }
            jnlpAgentEndpointConfigurator = new JnlpAgentEndpointResolver(list, this.credentials, this.proxyCredentials, this.tunnel, sSLSocketFactory, this.disableHttpsCertValidation);
        } else {
            jnlpAgentEndpointConfigurator = new JnlpAgentEndpointConfigurator(this.directConnection, this.instanceIdentity, this.protocols);
        }
        return jnlpAgentEndpointConfigurator;
    }

    private void onConnectionRejected(String str) throws InterruptedException {
        this.events.status("reconnect rejected, sleeping 10s: ", new Exception("The server rejected the connection: " + str));
        TimeUnit.SECONDS.sleep(10L);
    }

    private Socket connectTcp(@NonNull JnlpAgentEndpoint jnlpAgentEndpoint) throws IOException, InterruptedException {
        String str = "Connecting to " + jnlpAgentEndpoint.getHost() + ":" + jnlpAgentEndpoint.getPort();
        this.events.status(str);
        int i = 1;
        while (true) {
            try {
                Socket open = jnlpAgentEndpoint.open(SOCKET_TIMEOUT);
                open.setKeepAlive(this.keepAlive);
                return open;
            } catch (IOException e) {
                int i2 = i;
                i++;
                if (i2 > 10) {
                    throw e;
                }
                TimeUnit.SECONDS.sleep(10L);
                this.events.status(str + " (retrying:" + i + ")", e);
            }
        }
    }

    public static Engine current() {
        return CURRENT.get();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @SuppressFBWarnings(value = {"PATH_TRAVERSAL_IN"}, justification = "File path is loaded from system properties.")
    public static KeyStore getCacertsKeyStore() throws PrivilegedActionException, KeyStoreException, NoSuchProviderException, CertificateException, NoSuchAlgorithmException, IOException {
        File file;
        Map map = (Map) AccessController.doPrivileged(() -> {
            HashMap hashMap = new HashMap();
            hashMap.put("trustStore", System.getProperty("javax.net.ssl.trustStore"));
            hashMap.put("javaHome", System.getProperty("java.home"));
            hashMap.put("trustStoreType", System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType()));
            hashMap.put("trustStoreProvider", System.getProperty("javax.net.ssl.trustStoreProvider", ""));
            hashMap.put("trustStorePasswd", System.getProperty("javax.net.ssl.trustStorePassword", ""));
            return hashMap;
        });
        KeyStore keyStore = null;
        FileInputStream fileInputStream = null;
        try {
            String str = (String) map.get("trustStore");
            if (!"NONE".equals(str)) {
                if (str != null) {
                    file = new File(str);
                    fileInputStream = getFileInputStream(file);
                } else {
                    String str2 = (String) map.get("javaHome");
                    file = new File(str2 + File.separator + "lib" + File.separator + "security" + File.separator + "jssecacerts");
                    FileInputStream fileInputStream2 = getFileInputStream(file);
                    fileInputStream = fileInputStream2;
                    if (fileInputStream2 == null) {
                        file = new File(str2 + File.separator + "lib" + File.separator + "security" + File.separator + "cacerts");
                        fileInputStream = getFileInputStream(file);
                    }
                }
                str = fileInputStream != null ? file.getPath() : "No File Available, using empty keystore.";
            }
            String str3 = (String) map.get("trustStoreType");
            String str4 = (String) map.get("trustStoreProvider");
            LOGGER.log(Level.FINE, "trustStore is: {0}", str);
            LOGGER.log(Level.FINE, "trustStore type is: {0}", str3);
            LOGGER.log(Level.FINE, "trustStore provider is: {0}", str4);
            if (str3.length() != 0) {
                LOGGER.log(Level.FINE, "init truststore");
                keyStore = str4.length() == 0 ? KeyStore.getInstance(str3) : KeyStore.getInstance(str3, str4);
                char[] cArr = null;
                String str5 = (String) map.get("trustStorePasswd");
                if (str5.length() != 0) {
                    cArr = str5.toCharArray();
                }
                keyStore.load(fileInputStream, cArr);
                if (cArr != null) {
                    Arrays.fill(cArr, (char) 0);
                }
            }
            return keyStore;
        } finally {
            if (fileInputStream != null) {
                fileInputStream.close();
            }
        }
    }

    @CheckForNull
    private static FileInputStream getFileInputStream(File file) throws PrivilegedActionException {
        return (FileInputStream) AccessController.doPrivileged(() -> {
            try {
                if (file.exists()) {
                    return new FileInputStream(file);
                }
                return null;
            } catch (FileNotFoundException e) {
                return null;
            }
        });
    }

    private SSLSocketFactory getSSLSocketFactory() throws PrivilegedActionException, KeyStoreException, NoSuchProviderException, CertificateException, NoSuchAlgorithmException, IOException, KeyManagementException {
        SSLSocketFactory sSLSocketFactory = null;
        if (this.candidateCertificates != null && !this.candidateCertificates.isEmpty()) {
            KeyStore cacertsKeyStore = getCacertsKeyStore();
            cacertsKeyStore.load(null, null);
            int i = 0;
            Iterator<X509Certificate> it = this.candidateCertificates.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                cacertsKeyStore.setCertificateEntry(String.format("alias-%d", Integer.valueOf(i2)), it.next());
            }
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(cacertsKeyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            sSLSocketFactory = sSLContext.getSocketFactory();
        }
        return sSLSocketFactory;
    }

    public String getAgentName() {
        return this.agentName;
    }

    public String getProtocolName() {
        return this.protocolName;
    }
}
