package ghidra.framework.client;

import ghidra.framework.Application;
import ghidra.framework.model.ServerInfo;
import ghidra.framework.remote.AnonymousCallback;
import ghidra.framework.remote.GhidraPrincipal;
import ghidra.framework.remote.GhidraServerHandle;
import ghidra.framework.remote.RMIServerPortFactory;
import ghidra.framework.remote.RemoteRepositoryServerHandle;
import ghidra.framework.remote.SSHSignatureCallback;
import ghidra.framework.remote.SignatureCallback;
import ghidra.net.ApplicationKeyManagerFactory;
import ghidra.util.Msg;
import ghidra.util.exception.CancelledException;
import ghidra.util.task.CancelledListener;
import ghidra.util.task.Task;
import ghidra.util.task.TaskMonitor;
import java.io.Closeable;
import java.io.IOException;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.rmi.AccessException;
import java.rmi.NotBoundException;
import java.rmi.RemoteException;
import java.rmi.UnmarshalException;
import java.rmi.registry.LocateRegistry;
import java.rmi.registry.Registry;
import java.security.cert.Certificate;
import java.util.HashSet;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.rmi.ssl.SslRMIClientSocketFactory;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:ghidra/framework/client/ServerConnectTask.class */
public class ServerConnectTask extends Task {
    private static final int LIVENESS_CHECK_TIMEOUT_MS = 3000;
    private ServerInfo server;
    private boolean allowLoginRetry;
    private RemoteRepositoryServerHandle hdl;
    private Exception exc;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ghidra/framework/client/ServerConnectTask$ConnectCancelledListener.class */
    public static class ConnectCancelledListener implements CancelledListener, Closeable {
        private TaskMonitor monitor;
        private CancelledListener callback;

        ConnectCancelledListener(TaskMonitor taskMonitor, CancelledListener cancelledListener) {
            this.monitor = taskMonitor;
            this.callback = cancelledListener;
            taskMonitor.addCancelledListener(this);
        }

        @Override // ghidra.util.task.CancelledListener
        public void cancelled() {
            if (this.callback != null) {
                this.callback.cancelled();
            }
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            this.monitor.removeCancelledListener(this);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ghidra/framework/client/ServerConnectTask$FastConnectionFailSocket.class */
    public static class FastConnectionFailSocket extends Socket {
        FastConnectionFailSocket(String str, int i) throws UnknownHostException, IOException {
            super(str, i);
        }

        @Override // java.net.Socket
        public void connect(SocketAddress socketAddress) throws IOException {
            connect(socketAddress, 3000);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServerConnectTask(ServerInfo serverInfo, boolean z) {
        super("Connecting to " + serverInfo.getServerName(), true, false, true);
        this.server = serverInfo;
        this.allowLoginRetry = z;
    }

    @Override // ghidra.util.task.Task
    public void run(TaskMonitor taskMonitor) throws CancelledException {
        TaskMonitor dummyIfNull = TaskMonitor.dummyIfNull(taskMonitor);
        try {
            try {
                try {
                    this.hdl = getRepositoryServerHandle(ClientUtil.getUserName(), dummyIfNull);
                    if (dummyIfNull.isCancelled()) {
                        this.exc = null;
                        throw new CancelledException();
                    }
                } catch (Exception e) {
                    this.exc = e;
                    if (dummyIfNull.isCancelled()) {
                        this.exc = null;
                        throw new CancelledException();
                    }
                }
            } catch (RemoteException e2) {
                this.exc = e2;
                Throwable cause = e2.getCause();
                if (cause instanceof Exception) {
                    this.exc = (Exception) cause;
                }
                if (dummyIfNull.isCancelled()) {
                    this.exc = null;
                    throw new CancelledException();
                }
            }
        } catch (Throwable th) {
            if (!dummyIfNull.isCancelled()) {
                throw th;
            }
            this.exc = null;
            throw new CancelledException();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Exception getException() {
        return this.exc;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RemoteRepositoryServerHandle getRepositoryServerHandle() {
        return this.hdl;
    }

    private static Subject getLocalUserSubject() {
        String userName = ClientUtil.getUserName();
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        hashSet.add(new GhidraPrincipal(userName));
        return new Subject(false, hashSet, hashSet2, hashSet2);
    }

    private static boolean isSSLHandshakeCancelled(SSLHandshakeException sSLHandshakeException) throws IOException {
        if (sSLHandshakeException.getMessage().indexOf("bad_certificate") <= 0) {
            return false;
        }
        if (ApplicationKeyManagerFactory.getPreferredKeyStore() == null) {
            throw new IOException("User PKI Certificate not installed", sSLHandshakeException);
        }
        return true;
    }

    public static GhidraServerHandle getGhidraServerHandle(ServerInfo serverInfo, TaskMonitor taskMonitor) throws IOException, CancelledException {
        boolean isCancelEnabled = taskMonitor.isCancelEnabled();
        try {
            try {
                testServerSSLConnection(serverInfo, taskMonitor);
                taskMonitor.setCancelEnabled(false);
                taskMonitor.setMessage("Connecting...");
                Registry registry = LocateRegistry.getRegistry(serverInfo.getServerName(), serverInfo.getPortNumber(), new SslRMIClientSocketFactory());
                checkServerBindNames(registry);
                GhidraServerHandle ghidraServerHandle = (GhidraServerHandle) registry.lookup(GhidraServerHandle.BIND_NAME);
                ghidraServerHandle.checkCompatibility(11);
                taskMonitor.setCancelEnabled(isCancelEnabled);
                taskMonitor.setMessage("");
                return ghidraServerHandle;
            } catch (NotBoundException e) {
                throw new IOException(e.getMessage());
            } catch (SSLHandshakeException e2) {
                if (!isSSLHandshakeCancelled(e2)) {
                    throw e2;
                }
                taskMonitor.setCancelEnabled(isCancelEnabled);
                taskMonitor.setMessage("");
                return null;
            } catch (RemoteException e3) {
                Throwable cause = e3.getCause();
                if ((cause instanceof UnmarshalException) || (cause instanceof ClassNotFoundException)) {
                    throw new RemoteException("Incompatible Ghidra Server interface version");
                }
                if (!(cause instanceof SSLHandshakeException) || !isSSLHandshakeCancelled((SSLHandshakeException) cause)) {
                    throw e3;
                }
                taskMonitor.setCancelEnabled(isCancelEnabled);
                taskMonitor.setMessage("");
                return null;
            }
        } catch (Throwable th) {
            taskMonitor.setCancelEnabled(isCancelEnabled);
            taskMonitor.setMessage("");
            throw th;
        }
    }

    private RemoteRepositoryServerHandle getRepositoryServerHandle(String str, TaskMonitor taskMonitor) throws IOException, LoginException, CancelledException {
        GhidraServerHandle ghidraServerHandle = getGhidraServerHandle(this.server, taskMonitor);
        PasswordCallback[] passwordCallbackArr = null;
        try {
            try {
                boolean z = this.allowLoginRetry;
                String str2 = null;
                Callback[] authenticationCallbacks = ghidraServerHandle.getAuthenticationCallbacks();
                SignatureCallback signatureCallback = null;
                boolean z2 = false;
                if (authenticationCallbacks != null) {
                    for (Callback callback : authenticationCallbacks) {
                        if (callback instanceof SignatureCallback) {
                            signatureCallback = (SignatureCallback) callback;
                        } else if (callback instanceof SSHSignatureCallback) {
                            z2 = true;
                        }
                    }
                }
                AnonymousCallback anonymousCallback = null;
                while (true) {
                    try {
                        if (authenticationCallbacks != null) {
                            if (0 != 0) {
                                anonymousCallback.setAnonymousAccessRequested(true);
                            } else if (authenticationCallbacks.length == 1 && (authenticationCallbacks[0] instanceof AnonymousCallback)) {
                            } else if (z2 && ClientUtil.isSSHKeyAvailable()) {
                                ClientUtil.processSSHSignatureCallback(authenticationCallbacks, this.server.getServerName(), str);
                            } else if (signatureCallback != null) {
                                if (!ApplicationKeyManagerFactory.initialize()) {
                                    throw new IOException("Client PKI certificate has not been installed");
                                }
                                if (ApplicationKeyManagerFactory.usingGeneratedSelfSignedCertificate()) {
                                    Msg.warn(this, "Server connect - client is using self-signed PKI certificate");
                                }
                                ClientUtil.processSignatureCallback(this.server.getServerName(), signatureCallback);
                            } else if (!ClientUtil.processPasswordCallbacks(authenticationCallbacks, this.server.getServerName(), str, str2)) {
                                if (authenticationCallbacks != null) {
                                    for (Callback callback2 : authenticationCallbacks) {
                                        if (callback2 instanceof PasswordCallback) {
                                            ((PasswordCallback) callback2).clearPassword();
                                        }
                                    }
                                }
                                return null;
                            }
                        }
                        RemoteRepositoryServerHandle repositoryServer = ghidraServerHandle.getRepositoryServer(getLocalUserSubject(), authenticationCallbacks);
                        if (repositoryServer.isReadOnly()) {
                            Msg.showInfo(this, null, "Anonymous Server Login", "You have been logged-in anonymously to " + this.server.getServerName() + "\nRead-only permission is granted to repositories which allow anonymous access");
                        }
                        if (authenticationCallbacks != null) {
                            for (Callback callback3 : authenticationCallbacks) {
                                if (callback3 instanceof PasswordCallback) {
                                    ((PasswordCallback) callback3).clearPassword();
                                }
                            }
                        }
                        return repositoryServer;
                    } catch (FailedLoginException e) {
                        if (!z) {
                            throw e;
                        }
                        str2 = "Access denied: " + String.valueOf(this.server);
                    }
                }
            } catch (AccessException e2) {
                throw new IOException(e2.getMessage());
            }
        } catch (Throwable th) {
            if (0 != 0) {
                for (PasswordCallback passwordCallback : passwordCallbackArr) {
                    if (passwordCallback instanceof PasswordCallback) {
                        passwordCallback.clearPassword();
                    }
                }
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void forceClose(Socket socket) {
        try {
            socket.close();
        } catch (IOException e) {
        }
    }

    private static Certificate[] testServerSSLConnection(ServerInfo serverInfo, TaskMonitor taskMonitor) throws IOException, CancelledException {
        RMIServerPortFactory rMIServerPortFactory = new RMIServerPortFactory(serverInfo.getPortNumber());
        SslRMIClientSocketFactory sslRMIClientSocketFactory = new SslRMIClientSocketFactory();
        String serverName = serverInfo.getServerName();
        int rMISSLPort = rMIServerPortFactory.getRMISSLPort();
        taskMonitor.setCancelEnabled(true);
        taskMonitor.setMessage("Checking Server Liveness...");
        try {
            FastConnectionFailSocket fastConnectionFailSocket = new FastConnectionFailSocket(serverName, rMISSLPort);
            try {
                new ConnectCancelledListener(taskMonitor, () -> {
                    forceClose(fastConnectionFailSocket);
                }).close();
                fastConnectionFailSocket.close();
                taskMonitor.checkCancelled();
                try {
                    SSLSocket sSLSocket = (SSLSocket) sslRMIClientSocketFactory.createSocket(serverName, rMISSLPort);
                    try {
                        ConnectCancelledListener connectCancelledListener = new ConnectCancelledListener(taskMonitor, () -> {
                            forceClose(sSLSocket);
                        });
                        try {
                            sSLSocket.startHandshake();
                            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
                            connectCancelledListener.close();
                            if (sSLSocket != null) {
                                sSLSocket.close();
                            }
                            return peerCertificates;
                        } catch (Throwable th) {
                            try {
                                connectCancelledListener.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                            throw th;
                        }
                    } finally {
                    }
                } finally {
                    taskMonitor.checkCancelled();
                }
            } finally {
            }
        } finally {
        }
    }

    private static void checkServerBindNames(Registry registry) throws RemoteException {
        String str = GhidraServerHandle.MIN_GHIDRA_VERSION;
        if (!Application.getApplicationVersion().startsWith(str)) {
            str = str + " - " + Application.getApplicationVersion();
        }
        RemoteException remoteException = null;
        int i = 0;
        for (String str2 : registry.list()) {
            if (str2.equals(GhidraServerHandle.BIND_NAME)) {
                return;
            }
            if (str2.startsWith(GhidraServerHandle.BIND_NAME_PREFIX)) {
                String substring = str2.substring(GhidraServerHandle.BIND_NAME_PREFIX.length());
                if (substring.length() == 0) {
                    substring = "4.3.x (or older)";
                }
                remoteException = new RemoteException("Incompatible Ghidra Server interface, detected interface version " + substring + ",\nthis client requires server version " + str);
                i++;
            }
        }
        if (remoteException == null) {
            throw new RemoteException("Ghidra Server not found.");
        }
        if (i != 1) {
            throw new RemoteException("Incompatible Ghidra Server interface, detected " + i + " incompatible server versions,\nthis client requires server version " + str);
        }
        throw remoteException;
    }
}
