package edu.vt.middleware.ldap.handler;

import edu.vt.middleware.ldap.LdapConfig;
import edu.vt.middleware.ldap.LdapConstants;
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.CommunicationException;
import javax.naming.NamingException;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;

/* loaded from: input_file:edu/vt/middleware/ldap/handler/TlsConnectionHandler.class */
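/**
 * Connection handler that upgrades a plain LDAP connection to TLS with the
 * StartTLS extended operation before the bind is performed.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The context is created without authentication settings; the
 *       authentication type, principal and credential are added to the
 *       environment only after {@link #startTls(LdapContext)} has returned, and
 *       the bind is then triggered with {@code reconnect}.</li>
 *   <li>If StartTLS fails, the context is closed and the exception is rethrown;
 *       the bind is not attempted over the unprotected connection.</li>
 *   <li>Hostname verification and trust decisions can be replaced through
 *       {@link LdapConfig}; see {@link #startTls(LdapContext)}.</li>
 * </ul>
 */
public class TlsConnectionHandler extends DefaultConnectionHandler {
    /** Response of the StartTLS operation for the current connection, or null when none is active. */
    private StartTlsResponse startTlsResponse;

    /** Whether {@link #close()} should explicitly stop TLS before closing the context. */
    private boolean stopTlsOnClose;

    /** Creates a handler with no configuration. */
    public TlsConnectionHandler() {
    }

    /**
     * Creates a handler that uses the supplied configuration.
     *
     * @param ldapConfig configuration passed to the superclass constructor
     */
    public TlsConnectionHandler(LdapConfig ldapConfig) {
        super(ldapConfig);
    }

    /**
     * Copy constructor. Copies configuration, connection strategy, retry
     * exceptions, connection count and the stop-TLS-on-close flag. The
     * StartTLS response of the source handler is not copied.
     *
     * @param tlsConnectionHandler handler to copy settings from
     */
    public TlsConnectionHandler(TlsConnectionHandler tlsConnectionHandler) {
        setLdapConfig(tlsConnectionHandler.getLdapConfig());
        setConnectionStrategy(tlsConnectionHandler.getConnectionStrategy());
        setConnectionRetryExceptions(tlsConnectionHandler.getConnectionRetryExceptions());
        setConnectionCount(tlsConnectionHandler.getConnectionCount());
        setStopTlsOnClose(tlsConnectionHandler.getStopTlsOnClose());
    }

    /**
     * @return whether TLS is stopped explicitly when this handler is closed
     */
    public boolean getStopTlsOnClose() {
        return this.stopTlsOnClose;
    }

    /**
     * Sets whether {@link #close()} calls {@link #stopTls(StartTlsResponse)}
     * before closing the context.
     *
     * @param z true to stop TLS on close
     */
    public void setStopTlsOnClose(boolean z) {
        if (this.logger.isTraceEnabled()) {
            this.logger.trace("setting stopTlsOnClose: " + z);
        }
        this.stopTlsOnClose = z;
    }

    /**
     * @return the StartTLS response of the current connection, or null if no
     *         TLS session has been negotiated or the handler has been closed
     */
    public StartTlsResponse getStartTlsResponse() {
        return this.startTlsResponse;
    }

    /**
     * Opens the context, negotiates TLS and only then binds.
     *
     * @param str authentication type, stored under {@code LdapConstants.AUTHENTICATION}
     * @param str2 bind DN, stored under {@code LdapConstants.PRINCIPAL}; may be null
     * @param obj credential, stored under {@code LdapConstants.CREDENTIALS}; may be null
     * @param hashtable JNDI environment used to create the context; the LDAP
     *        version entry is written into it
     * @throws NamingException if the context cannot be created, TLS cannot be
     *         negotiated or the bind fails; the context is closed and cleared
     *         before the exception propagates
     */
    @Override
    protected void connectInternal(String str, String str2, Object obj, Hashtable<String, Object> hashtable) throws NamingException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Bind with the following parameters:");
            this.logger.debug("  authtype = " + str);
            this.logger.debug("  dn = " + str2);
            // The credential reaches the debug log only when the configuration
            // explicitly asks for it; log files then hold the bind secret and
            // need the same protection as the secret itself.
            if (this.config.getLogCredentials()) {
                this.logger.debug("  credential = " + obj);
            } else {
                this.logger.debug("  credential = <suppressed>");
            }
            if (this.logger.isTraceEnabled()) {
                // NOTE(review): the environment is logged without regard to
                // getLogCredentials(); confirm callers never place secrets
                // (credentials, keystore passwords) in it.
                this.logger.trace("  env = " + hashtable);
            }
        }
        hashtable.put(LdapConstants.VERSION, LdapConstants.VERSION_THREE);
        try {
            // No authentication settings are added before this point: they
            // are added only after TLS is up.
            this.context = new InitialLdapContext(hashtable, (Control[]) null);
            this.startTlsResponse = startTls(this.context);
            this.context.addToEnvironment(LdapConstants.AUTHENTICATION, str);
            if (str2 != null) {
                this.context.addToEnvironment(LdapConstants.PRINCIPAL, str2);
                if (obj != null) {
                    this.context.addToEnvironment(LdapConstants.CREDENTIALS, obj);
                }
            }
            // Re-bind with the authentication settings added above.
            this.context.reconnect((Control[]) null);
        } catch (NamingException e) {
            // Fail closed: never leave a half-initialised context behind.
            if (this.context != null) {
                try {
                    this.context.close();
                } finally {
                    this.context = null;
                }
            }
            throw e;
        }
    }

    /**
     * Optionally stops TLS, then closes the underlying context. A failure to
     * stop TLS is logged and does not prevent the context from being closed.
     * The superclass close runs exactly once.
     *
     * @throws NamingException if closing the underlying context fails
     */
    @Override
    public void close() throws NamingException {
        try {
            if (this.stopTlsOnClose) {
                stopTls(this.startTlsResponse);
            }
        } catch (NamingException e) {
            if (this.logger.isErrorEnabled()) {
                this.logger.error("Error stopping TLS", e);
            }
        } finally {
            this.startTlsResponse = null;
            super.close();
        }
    }

    /**
     * Issues the StartTLS extended operation on the supplied context and
     * negotiates the TLS session.
     *
     * <p>When the configuration supplies a hostname verifier it is installed
     * on the response. JNDI consults that verifier when its default hostname
     * check has failed, so a verifier that accepts every name removes the
     * server identity check. When the configuration supplies an SSL socket
     * factory, negotiation uses it, and certificate trust is whatever that
     * factory implements.
     *
     * @param ldapContext context to upgrade to TLS
     * @return the StartTLS response for the negotiated session
     * @throws NamingException if the extended operation fails, or a
     *         {@link CommunicationException} carrying the I/O failure as its
     *         root cause if negotiation fails
     */
    public StartTlsResponse startTls(LdapContext ldapContext) throws NamingException {
        try {
            // extendedOperation returns the generic ExtendedResponse type.
            StartTlsResponse tls = (StartTlsResponse) ldapContext.extendedOperation(new StartTlsRequest());
            if (this.config.useHostnameVerifier()) {
                if (this.logger.isTraceEnabled()) {
                    this.logger.trace("TLS hostnameVerifier = " + this.config.getHostnameVerifier());
                }
                tls.setHostnameVerifier(this.config.getHostnameVerifier());
            }
            if (this.config.useSslSocketFactory()) {
                if (this.logger.isTraceEnabled()) {
                    this.logger.trace("TLS sslSocketFactory = " + this.config.getSslSocketFactory());
                }
                tls.negotiate(this.config.getSslSocketFactory());
            } else {
                tls.negotiate();
            }
            return tls;
        } catch (IOException e) {
            if (this.logger.isErrorEnabled()) {
                this.logger.error("Could not negotiate TLS connection", e);
            }
            throw communicationFailure(e);
        }
    }

    /**
     * Closes the TLS session represented by the supplied response. A null
     * response is ignored.
     *
     * @param startTlsResponse response to close; may be null
     * @throws NamingException a {@link CommunicationException} carrying the
     *         I/O failure as its root cause if the session cannot be closed
     */
    public void stopTls(StartTlsResponse startTlsResponse) throws NamingException {
        if (startTlsResponse == null) {
            return;
        }
        try {
            startTlsResponse.close();
        } catch (IOException e) {
            if (this.logger.isErrorEnabled()) {
                this.logger.error("Could not close TLS connection", e);
            }
            throw communicationFailure(e);
        }
    }

    /**
     * @return a new handler configured like this one (see the copy constructor)
     */
    @Override
    public TlsConnectionHandler newInstance() {
        return new TlsConnectionHandler(this);
    }

    /**
     * Wraps an I/O failure in a CommunicationException without losing the
     * original exception, so TLS handshake failures (for example certificate
     * or hostname errors) stay diagnosable from the stack trace.
     */
    private static CommunicationException communicationFailure(IOException cause) {
        CommunicationException wrapped = new CommunicationException(cause.getMessage());
        wrapped.setRootCause(cause);
        return wrapped;
    }
}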
