package org.apache.geronimo.jmxremoting;

import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.UnknownHostException;
import java.rmi.server.RMIServerSocketFactory;
import java.util.HashMap;
import javax.management.MBeanServer;
import javax.management.NotificationFilterSupport;
import javax.management.remote.JMXConnectorServerFactory;
import javax.management.remote.JMXServiceURL;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.management.geronimo.KeystoreManager;
import org.apache.geronimo.system.jmx.MBeanServerReference;
import org.apache.geronimo.system.serverinfo.ServerInfo;

/* loaded from: input_file:org/apache/geronimo/jmxremoting/JMXSecureConnector.class */
public class JMXSecureConnector extends JMXConnector {
    private KeystoreManager keystoreManager;
    private String algorithm;
    private String secureProtocol;
    private String keyStore;
    private String trustStore;
    private String keyAlias;
    private boolean clientAuth;
    public static final GBeanInfo GBEAN_INFO;

    /* loaded from: input_file:org/apache/geronimo/jmxremoting/JMXSecureConnector$GeronimoSslRMIServerSocketFactory.class */
    private static class GeronimoSslRMIServerSocketFactory implements RMIServerSocketFactory {
        private SSLServerSocketFactory sssf;
        private boolean clientAuth;
        private InetAddress bindAddress;

        public GeronimoSslRMIServerSocketFactory(SSLServerSocketFactory sSLServerSocketFactory, String str, boolean z) throws UnknownHostException {
            this.sssf = sSLServerSocketFactory;
            this.bindAddress = InetAddress.getByName(str);
            this.clientAuth = z;
        }

        public ServerSocket createServerSocket(int i) throws IOException {
            SSLServerSocket sSLServerSocket = (SSLServerSocket) this.sssf.createServerSocket(i, 0, this.bindAddress);
            sSLServerSocket.setNeedClientAuth(this.clientAuth);
            return sSLServerSocket;
        }
    }

    public JMXSecureConnector(MBeanServerReference mBeanServerReference, ServerInfo serverInfo, String str, ClassLoader classLoader) {
        this(mBeanServerReference.getMBeanServer(), serverInfo, str, classLoader);
    }

    public JMXSecureConnector(MBeanServer mBeanServer, ServerInfo serverInfo, String str, ClassLoader classLoader) {
        super(mBeanServer, serverInfo, str, classLoader);
    }

    public void setKeystoreManager(KeystoreManager keystoreManager) {
        this.keystoreManager = keystoreManager;
    }

    public KeystoreManager getKeystoreManager() {
        return this.keystoreManager;
    }

    public String getKeyStore() {
        return this.keyStore;
    }

    public void setKeyStore(String str) {
        this.keyStore = str;
    }

    public String getTrustStore() {
        return this.trustStore;
    }

    public void setTrustStore(String str) {
        this.trustStore = str;
    }

    public String getKeyAlias() {
        return this.keyAlias;
    }

    public void setKeyAlias(String str) {
        this.keyAlias = str;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String str) {
        if ("default".equalsIgnoreCase(str)) {
            this.algorithm = KeyManagerFactory.getDefaultAlgorithm();
        } else {
            this.algorithm = str;
        }
    }

    public String getSecureProtocol() {
        return this.secureProtocol;
    }

    public void setSecureProtocol(String str) {
        this.secureProtocol = str;
    }

    public void setClientAuth(boolean z) {
        this.clientAuth = z;
    }

    public boolean isClientAuth() {
        return this.clientAuth;
    }

    @Override // org.apache.geronimo.jmxremoting.JMXConnector
    public void doStart() throws Exception {
        this.jmxServiceURL = new JMXServiceURL(this.protocol, this.host, this.port, this.urlPath);
        HashMap hashMap = new HashMap();
        Authenticator authenticator = null;
        if (this.applicationConfigName != null) {
            authenticator = new Authenticator(this.applicationConfigName, this.classLoader);
            hashMap.put("jmx.remote.x.access.file", this.serverInfo.resolveServerPath("var/security/jmx_access.properties"));
            hashMap.put("jmx.remote.authenticator", authenticator);
        } else {
            this.log.warn("Starting unauthenticating JMXConnector for " + this.jmxServiceURL);
        }
        GeronimoSslRMIServerSocketFactory geronimoSslRMIServerSocketFactory = new GeronimoSslRMIServerSocketFactory(this.keystoreManager.createSSLServerFactory((String) null, this.secureProtocol, this.algorithm, this.keyStore, this.keyAlias, this.trustStore, this.classLoader), this.host, this.clientAuth);
        SslRMIClientSocketFactory sslRMIClientSocketFactory = new SslRMIClientSocketFactory();
        hashMap.put("jmx.remote.rmi.server.socket.factory", geronimoSslRMIServerSocketFactory);
        hashMap.put("jmx.remote.rmi.client.socket.factory", sslRMIClientSocketFactory);
        this.server = JMXConnectorServerFactory.newJMXConnectorServer(this.jmxServiceURL, hashMap, this.mbeanServer);
        NotificationFilterSupport notificationFilterSupport = new NotificationFilterSupport();
        notificationFilterSupport.enableType("jmx.remote.connection.opened");
        notificationFilterSupport.enableType("jmx.remote.connection.closed");
        notificationFilterSupport.enableType("jmx.remote.connection.failed");
        this.server.addNotificationListener(authenticator, notificationFilterSupport, (Object) null);
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        Thread.currentThread().setContextClassLoader(getClass().getClassLoader());
        try {
            this.server.start();
            Thread.currentThread().setContextClassLoader(contextClassLoader);
            this.log.debug("Started JMXConnector " + this.server.getAddress());
        } catch (Throwable th) {
            Thread.currentThread().setContextClassLoader(contextClassLoader);
            throw th;
        }
    }

    public static GBeanInfo getGBeanInfo() {
        return GBEAN_INFO;
    }

    static {
        GBeanInfoBuilder createStatic = GBeanInfoBuilder.createStatic("JMX Secure Remoting Connector", JMXSecureConnector.class);
        createStatic.addReference("MBeanServerReference", MBeanServerReference.class);
        createStatic.addReference("ServerInfo", ServerInfo.class);
        createStatic.addAttribute("objectName", String.class, false);
        createStatic.addAttribute("classLoader", ClassLoader.class, false);
        createStatic.addAttribute("protocol", String.class, true, true);
        createStatic.addAttribute("host", String.class, true, true);
        createStatic.addAttribute("port", Integer.TYPE, true, true);
        createStatic.addAttribute("urlPath", String.class, true, true);
        createStatic.addAttribute("applicationConfigName", String.class, true, true);
        createStatic.addInterface(JMXConnectorInfo.class);
        createStatic.addReference("KeystoreManager", KeystoreManager.class);
        createStatic.addAttribute("algorithm", String.class, true, true);
        createStatic.addAttribute("secureProtocol", String.class, true, true);
        createStatic.addAttribute("keyStore", String.class, true, true);
        createStatic.addAttribute("keyAlias", String.class, true, true);
        createStatic.addAttribute("trustStore", String.class, true, true);
        createStatic.addAttribute("clientAuth", Boolean.TYPE, true, true);
        createStatic.setConstructor(new String[]{"MBeanServerReference", "ServerInfo", "objectName", "classLoader"});
        GBEAN_INFO = createStatic.getBeanInfo();
    }
}
