package com.ibm.network.ftp.protocol;

import com.ibm.eNetwork.ECL.ECLConnection;
import com.ibm.eNetwork.ECL.ECLErr;
import com.ibm.eNetwork.security.intf.HODSSLIntf;
import com.ibm.eNetwork.security.intf.HODSSLSessionIntf;
import com.ibm.network.ftp.FileInfo;
import com.ms.security.PermissionID;
import com.ms.security.PolicyEngine;
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.Socket;
import java.net.SocketException;
import java.net.UnknownHostException;

/* loaded from: input_file:com/ibm/network/ftp/protocol/SecureConnection.class */
public class SecureConnection {
    public static final String SESSION_PROTOCOL_TLS = "SESSION_PROTOCOL_TLS";
    public static final String SESSION_PROTOCOL_SSL = "SESSION_PROTOCOL_SSL";
    private Socket socket;
    private HODSSLIntf hodSSLIntf;
    private Remote remote;
    private HODSSLSessionIntf sslFTPSessionIntf;
    private String hostName;
    private String portString;
    private int traceLevel;

    public SecureConnection(Remote remote, HODSSLSessionIntf hODSSLSessionIntf) {
        this.traceLevel = 0;
        this.remote = remote;
        this.sslFTPSessionIntf = hODSSLSessionIntf;
        this.traceLevel = remote.getTraceLevel();
    }

    public Socket secureSocket(Socket socket) throws IOException {
        return FileInfo.getUseSecurityManager().equals("IE") ? secureSocket_IE(socket) : secureSocket_Other(socket);
    }

    private synchronized Socket secureSocket_IE(Socket socket) throws IOException {
        try {
            PolicyEngine.assertPermission(PermissionID.NETIO);
        } catch (Exception e) {
            if (this.traceLevel >= 1) {
                traceMessage("secureSocket_IE(): Exception obtaining security permission.");
            }
        }
        return secureSocket_tail(socket);
    }

    private synchronized Socket secureSocket_Other(Socket socket) throws IOException {
        try {
            if (FileInfo.getUseSecurityManager().equals("NS")) {
                Class<?> cls = Class.forName("netscape.security.PrivilegeManager");
                Method method = cls.getMethod("enablePrivilege", "".getClass());
                Object[] objArr = {"UniversalFdWrite"};
                method.invoke(cls, objArr);
                objArr[0] = "UniversalFdRead";
                method.invoke(cls, objArr);
            }
        } catch (Exception e) {
            if (this.traceLevel >= 1) {
                traceMessage("secureSocket_IE(): Exception obtaining security permission.");
            }
        }
        return secureSocket_tail(socket);
    }

    private synchronized Socket secureSocket_tail(Socket socket) throws IOException {
        if (this.traceLevel >= 2) {
            traceMessage("secureSocket_tail(): Secure an existing Socket.");
        }
        Socket socket2 = null;
        HODSSLIntf hODSSLIntf = this.sslFTPSessionIntf.getHODSSLIntf();
        if (this.traceLevel >= 1) {
            hODSSLIntf.setDebug(1);
        } else {
            hODSSLIntf.setDebug(0);
        }
        try {
            socket2 = hODSSLIntf.createSocket(socket, true);
            if (socket2 == null) {
                this.remote.printText("SECURE_SOCKET_FAILED", "ERROR: Could not secure the Socket \r\n");
                if (this.traceLevel >= 1) {
                    traceMessage("secureSocket_tail(): Could not secure the Socket.");
                }
            } else if (this.traceLevel >= 2) {
                traceMessage("secureSocket_tail(): Secure Socket created.");
            }
        } catch (ECLErr e) {
            if (this.traceLevel >= 1) {
                traceMessage(new StringBuffer().append("secureSocket_tail(): ECLErr: Message Number = ").append(e.GetMsgNumber()).toString());
            }
            if (this.traceLevel >= 2) {
                e.printStackTrace(System.err);
            }
            handleSSLError(e);
        } catch (UnknownHostException e2) {
            if (this.traceLevel >= 1) {
                traceMessage(new StringBuffer().append("secureSocket_tail(): UnknownHostException = ").append(e2.toString()).toString());
                e2.printStackTrace(System.err);
            }
            this.remote.printText("RMTE_UNKNOWN_HOST_1", new StringBuffer().append("ERROR Unknown host: ").append(this.hostName).append("\r\n").toString(), this.hostName);
        } catch (IOException e3) {
            if (this.traceLevel >= 1) {
                traceMessage(new StringBuffer().append("secureSocket_tail(): IOException = ").append(e3.toString()).toString());
                e3.printStackTrace(System.err);
            }
            this.remote.printText("RMTE_SSL_NO_IO_4HOST_1", new StringBuffer().append("ERROR Could not secure Input/Output for ").append(this.hostName).append(":").append(this.portString).append("\r\n").toString(), new StringBuffer().append(this.hostName).append(":").append(this.portString).toString());
            throw e3;
        } catch (Exception e4) {
            if (this.traceLevel >= 1) {
                traceMessage(new StringBuffer().append("secureSocket_tail(): Exception = ").append(e4.toString()).toString());
                e4.printStackTrace(System.err);
            }
            this.remote.printText("RMTE_SSL_BAD_CN", "ERROR: Bad Certificate Name (CN), server cannot be authenticated");
        }
        if (socket2 != null) {
            try {
                socket2.setSoTimeout(this.remote.getParent().getTimeout());
                if (this.traceLevel >= 1) {
                    traceMessage(new StringBuffer().append("secureSocket_tail(): ").append(ECLConnection.msgLoader.getRASMsg("ECL0005", this.hostName, hODSSLIntf.getCipherSuite())).toString());
                }
            } catch (SocketException e5) {
                if (this.traceLevel >= 2) {
                    traceMessage("secureSocket_tail(): SocketException in setSoTimeout.");
                }
            }
        }
        return socket2;
    }

    private void handleSSLError(ECLErr eCLErr) {
        String GetMsgText = eCLErr.GetMsgText();
        String GetLocation = eCLErr.GetLocation();
        int GetMsgNumber = eCLErr.GetMsgNumber();
        switch (GetMsgNumber) {
            case 7:
            case 8:
            case 9:
            case 30:
            case 31:
                this.remote.printText("RMTE_GENERIC_1", new StringBuffer().append("ERROR: ").append(GetMsgText).append(" \r\n").toString(), GetMsgText);
                this.sslFTPSessionIntf.setCommError(eCLErr);
                if (this.traceLevel >= 2) {
                    traceMessage(new StringBuffer().append("handleSSLError(): Error Location = ").append(GetLocation).toString());
                    traceMessage(new StringBuffer().append("handleSSLError(): Error Message = ").append(GetMsgText).toString());
                    return;
                }
                return;
            default:
                if (!isClientAuthErr(GetMsgNumber)) {
                    this.remote.printText("RMTE_GENERIC_1", new StringBuffer().append("ERROR: ").append(GetMsgText).append(" \r\n").toString(), GetMsgText);
                    this.sslFTPSessionIntf.setCommError(eCLErr);
                    if (this.traceLevel >= 2) {
                        traceMessage(new StringBuffer().append("handleSSLError(): Error Location = ").append(GetLocation).toString());
                        traceMessage(new StringBuffer().append("handleSSLError(): Error Message = ").append(GetMsgText).toString());
                        return;
                    }
                    return;
                }
                this.remote.printText("RMTI_PATIENCE", "Send Client Certificate");
                this.remote.printText("RMTE_GENERIC_1", new StringBuffer().append("SSLERROR: ").append(GetMsgText).append(" \r\n").toString(), GetMsgText);
                this.sslFTPSessionIntf.setCommStatus(2, false);
                this.sslFTPSessionIntf.setCommError(eCLErr);
                if (this.traceLevel >= 2) {
                    traceMessage(new StringBuffer().append("handleSSLError(): Error Location = ").append(GetLocation).toString());
                    traceMessage(new StringBuffer().append("handleSSLError(): Error Message = ").append(GetMsgText).toString());
                    return;
                }
                return;
        }
    }

    private void closeSocket(Socket socket) throws IOException {
        if (socket != null) {
            try {
                socket.close();
            } catch (IOException e) {
                if (this.traceLevel >= 2) {
                    traceMessage(new StringBuffer().append("closeSocket(): IOException = ").append(e).toString());
                }
                this.remote.printText("RMTE_SOCKET_CLOSE_SSL", "ERROR: Error while closing secure socket");
                throw e;
            }
        }
    }

    private void traceMessage(String str) {
        System.out.println(new StringBuffer().append("SecureConnection.").append(str).toString());
    }

    public void setHostAndPort(String str, String str2) {
        this.hostName = str;
        this.portString = str2;
    }

    public static boolean isClientAuthErr(int i) {
        for (int i2 = 0; i2 < HODSSLIntf.CLIENT_AUTH_ERRS.length; i2++) {
            if (HODSSLIntf.CLIENT_AUTH_ERRS[i2] == i) {
                return true;
            }
        }
        return false;
    }
}
