package com.documentum.fc.client.impl.connection.docbase.netwise;

import com.documentum.fc.client.DfIOException;
import com.documentum.fc.client.impl.connection.docbase.DocbaseConnectionProtocol;
import com.documentum.fc.client.impl.connection.docbase.IDocbaseRpcClient;
import com.documentum.fc.client.impl.connection.docbase.IDocbaseRpcClientFactory;
import com.documentum.fc.client.impl.connection.docbase.ServerEntry;
import com.documentum.fc.common.DfException;
import com.documentum.fc.common.DfLogger;
import com.documentum.fc.common.DfPreferences;
import com.documentum.fc.common.DfUtil;
import com.documentum.fc.common.IDfLoginInfo;
import com.documentum.fc.impl.util.StringUtil;
import java.io.IOException;
import java.net.ConnectException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.channels.SocketChannel;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Arrays;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;

/* loaded from: input_file:WEB-INF/lib/dfc.jar:com/documentum/fc/client/impl/connection/docbase/netwise/NetwiseDocbaseRpcClientFactory.class */
public final class NetwiseDocbaseRpcClientFactory implements IDocbaseRpcClientFactory {
    private static String[] s_cipherSuitesToEnable = null;
    private static TrustManager[] s_trustManager = null;
    private static final String DFC_IPV6_WINDOWS_ERROR_MESSAGE = "Address family not supported by protocol".intern();

    @Override // com.documentum.fc.client.impl.connection.docbase.IDocbaseRpcClientFactory
    public IDocbaseRpcClient newDocbaseRpcClient(ServerEntry serverEntry, IDfLoginInfo iDfLoginInfo) throws DfException {
        if (!(serverEntry.getAddress() instanceof InetSocketAddress)) {
            throw new IllegalArgumentException("address");
        }
        try {
            return new NetwiseDocbaseRpcClient(openSocket(serverEntry, iDfLoginInfo.getSecurityMode()));
        } catch (Exception e) {
            throw DfIOException.newCommunicationFailureException(e);
        }
    }

    private Socket openSocket(ServerEntry serverEntry, String str) throws Exception {
        Socket socket = null;
        DocbaseConnectionProtocol protocol = serverEntry.getProtocol();
        if (protocol != null) {
            switch (protocol) {
                case IPV4_NATIVE:
                    socket = openNormalSocket((InetSocketAddress) serverEntry.getAddress());
                    break;
                case IPV4_SSL:
                    socket = openSslSocket((InetSocketAddress) serverEntry.getAddress());
                    break;
                case IPV6_NATIVE:
                    socket = openNormalSocket((InetSocketAddress) serverEntry.getAddressIPV6());
                    break;
                case IPV6_SSL:
                    socket = openSslSocket((InetSocketAddress) serverEntry.getAddressIPV6());
                    break;
            }
        } else {
            if (StringUtil.isEmptyOrNull(str)) {
                str = DfPreferences.getInstance().getSessionSecureConnectDefault();
            }
            boolean canUseIPV6 = DfUtil.canUseIPV6();
            if (IDfLoginInfo.SECURITY_MODE_NATIVE.equals(str)) {
                socket = makeNativeConnection(serverEntry, canUseIPV6);
            } else if (IDfLoginInfo.SECURITY_MODE_SECURE.equals(str)) {
                socket = makeSecureConnection(serverEntry, canUseIPV6);
            } else if (IDfLoginInfo.SECURITY_MODE_TRY_SECURE_FIRST.equals(str)) {
                socket = trySecureFirst(serverEntry, canUseIPV6);
            } else {
                if (!IDfLoginInfo.SECURITY_MODE_TRY_NATIVE_FIRST.equals(str)) {
                    throw new IllegalArgumentException("Invalid security mode");
                }
                socket = tryNativeFirst(serverEntry, canUseIPV6);
            }
        }
        return socket;
    }

    private Socket openNormalSocket(final InetSocketAddress inetSocketAddress) throws IOException {
        try {
            return (Socket) AccessController.doPrivileged(new PrivilegedExceptionAction<Socket>() { // from class: com.documentum.fc.client.impl.connection.docbase.netwise.NetwiseDocbaseRpcClientFactory.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Socket run() throws IOException {
                    SocketChannel open = SocketChannel.open();
                    open.configureBlocking(true);
                    open.connect(inetSocketAddress);
                    return open.socket();
                }
            });
        } catch (PrivilegedActionException e) {
            IOException iOException = (IOException) e.getCause();
            if (System.getProperty("os.name").contains("Windows") && iOException.getMessage().contains(DFC_IPV6_WINDOWS_ERROR_MESSAGE)) {
                return createNormalSocketOnWindowsIPV6Error(inetSocketAddress);
            }
            throw iOException;
        }
    }

    private Socket createNormalSocketOnWindowsIPV6Error(final InetSocketAddress inetSocketAddress) throws IOException {
        try {
            return (Socket) AccessController.doPrivileged(new PrivilegedExceptionAction<Socket>() { // from class: com.documentum.fc.client.impl.connection.docbase.netwise.NetwiseDocbaseRpcClientFactory.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Socket run() throws IOException {
                    Socket createSocket = SocketFactory.getDefault().createSocket();
                    createSocket.connect(inetSocketAddress);
                    return createSocket;
                }
            });
        } catch (PrivilegedActionException e) {
            throw ((IOException) e.getCause());
        }
    }

    private Socket openSslSocket(final InetSocketAddress inetSocketAddress) throws Exception {
        try {
            return (Socket) AccessController.doPrivileged(new PrivilegedExceptionAction<Socket>() { // from class: com.documentum.fc.client.impl.connection.docbase.netwise.NetwiseDocbaseRpcClientFactory.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Socket run() throws Exception {
                    InetSocketAddress inetSocketAddress2 = new InetSocketAddress(inetSocketAddress.getAddress(), inetSocketAddress.getPort() + 1);
                    SSLSocket sSLSocket = NetwiseDocbaseRpcClientFactory.this.getSSLSocket();
                    sSLSocket.setEnabledCipherSuites(NetwiseDocbaseRpcClientFactory.this.getCipherSuitesToEnable());
                    sSLSocket.connect(inetSocketAddress2);
                    return sSLSocket;
                }
            });
        } catch (PrivilegedActionException e) {
            throw ((IOException) e.getCause());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SSLSocket getSSLSocket() throws Exception {
        SSLSocket sSLSocket;
        if (System.getProperty("java.vendor").contains("IBM")) {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, getTrustManager(), null);
            sSLSocket = (SSLSocket) sSLContext.getSocketFactory().createSocket();
        } else {
            sSLSocket = (SSLSocket) SSLSocketFactory.getDefault().createSocket();
        }
        return sSLSocket;
    }

    private synchronized TrustManager[] getTrustManager() throws Exception {
        if (s_trustManager == null) {
            s_trustManager = new TrustManager[]{new IBMX509TrustManager()};
        }
        return s_trustManager;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized String[] getCipherSuitesToEnable() {
        if (s_cipherSuitesToEnable == null) {
            ArrayList arrayList = new ArrayList(Arrays.asList(((SSLSocketFactory) SSLSocketFactory.getDefault()).getDefaultCipherSuites()));
            arrayList.add("SSL_DH_anon_WITH_3DES_EDE_CBC_SHA");
            s_cipherSuitesToEnable = (String[]) arrayList.toArray(new String[0]);
        }
        return s_cipherSuitesToEnable;
    }

    private Socket trySecureFirst(ServerEntry serverEntry, boolean z) throws Exception {
        return trySecureFirstInternal(serverEntry, z);
    }

    private Socket trySecureFirstInternal(ServerEntry serverEntry, boolean z) throws Exception {
        Socket makeNativeConnection;
        try {
            makeNativeConnection = makeSecureConnection(serverEntry, z);
        } catch (ConnectException e) {
            makeNativeConnection = makeNativeConnection(serverEntry, z);
        }
        return makeNativeConnection;
    }

    private Socket tryNativeFirst(ServerEntry serverEntry, boolean z) throws Exception {
        return tryNativeFirstInternal(serverEntry, z);
    }

    private Socket tryNativeFirstInternal(ServerEntry serverEntry, boolean z) throws Exception {
        Socket makeSecureConnection;
        try {
            makeSecureConnection = makeNativeConnection(serverEntry, z);
        } catch (ConnectException e) {
            makeSecureConnection = makeSecureConnection(serverEntry, z);
        }
        return makeSecureConnection;
    }

    private Socket makeNativeConnection(ServerEntry serverEntry, boolean z) throws Exception {
        Socket openNormalSocket;
        if (!z || (serverEntry.getAddressIPV6() instanceof String)) {
            openNormalSocket = openNormalSocket((InetSocketAddress) serverEntry.getAddress());
            DfLogger.debug((Object) this, "3:IPV6: " + z + " address: " + serverEntry.getAddress(), (String[]) null, (Throwable) null);
            serverEntry.setconnectionProtocol(DocbaseConnectionProtocol.IPV4_NATIVE);
        } else {
            try {
                openNormalSocket = openNormalSocket((InetSocketAddress) serverEntry.getAddressIPV6());
                DfLogger.debug((Object) this, "1:IPV6: " + z + " address: " + serverEntry.getAddressIPV6(), (String[]) null, (Throwable) null);
                serverEntry.setconnectionProtocol(DocbaseConnectionProtocol.IPV6_NATIVE);
            } catch (ConnectException e) {
                openNormalSocket = openNormalSocket((InetSocketAddress) serverEntry.getAddress());
                DfLogger.debug((Object) this, "2:IPV6: " + z + " address: " + serverEntry.getAddress(), (String[]) null, (Throwable) null);
                serverEntry.setconnectionProtocol(DocbaseConnectionProtocol.IPV4_NATIVE);
            }
        }
        return openNormalSocket;
    }

    private Socket makeSecureConnection(ServerEntry serverEntry, boolean z) throws Exception {
        Socket openSslSocket;
        if (!z || (serverEntry.getAddressIPV6() instanceof String)) {
            openSslSocket = openSslSocket((InetSocketAddress) serverEntry.getAddress());
            DfLogger.debug((Object) this, "6:IPV6: " + z + " address: " + serverEntry.getAddress(), (String[]) null, (Throwable) null);
            serverEntry.setconnectionProtocol(DocbaseConnectionProtocol.IPV4_SSL);
        } else {
            try {
                openSslSocket = openSslSocket((InetSocketAddress) serverEntry.getAddressIPV6());
                DfLogger.debug((Object) this, "4:IPV6: " + z + " address: " + serverEntry.getAddressIPV6(), (String[]) null, (Throwable) null);
                serverEntry.setconnectionProtocol(DocbaseConnectionProtocol.IPV6_SSL);
            } catch (ConnectException e) {
                openSslSocket = openSslSocket((InetSocketAddress) serverEntry.getAddress());
                DfLogger.debug((Object) this, "5:IPV6: " + z + " address: " + serverEntry.getAddress(), (String[]) null, (Throwable) null);
                serverEntry.setconnectionProtocol(DocbaseConnectionProtocol.IPV4_SSL);
            }
        }
        return openSslSocket;
    }
}
