package sun.security.krb5;

import java.io.IOException;
import java.net.SocketTimeoutException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.Security;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.StringTokenizer;
import jdk.internal.dynalink.CallSiteDescriptor;
import sun.security.krb5.internal.KRBError;
import sun.security.krb5.internal.Krb5;
import sun.security.krb5.internal.NetClient;

/* loaded from: input_file:win/1.8.0_265/lib/rt.jar:sun/security/krb5/KdcComm.class */
public final class KdcComm {
    private static int defaultKdcRetryLimit;
    private static int defaultKdcTimeout;
    private static int defaultUdpPrefLimit;
    private static final String BAD_POLICY_KEY = "krb5.kdc.bad.policy";
    private static BpType badPolicy;
    private String realm;
    private static final boolean DEBUG = Krb5.DEBUG;
    private static int tryLessMaxRetries = 1;
    private static int tryLessTimeout = 5000;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_265/lib/rt.jar:sun/security/krb5/KdcComm$BpType.class */
    public enum BpType {
        NONE,
        TRY_LAST,
        TRY_LESS
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:win/1.8.0_265/lib/rt.jar:sun/security/krb5/KdcComm$KdcAccessibility.class */
    public static class KdcAccessibility {
        private static Set<String> bads = new HashSet();

        KdcAccessibility() {
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static synchronized void addBad(String str) {
            if (KdcComm.DEBUG) {
                System.out.println(">>> KdcAccessibility: add " + str);
            }
            bads.add(str);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static synchronized void removeBad(String str) {
            if (KdcComm.DEBUG) {
                System.out.println(">>> KdcAccessibility: remove " + str);
            }
            bads.remove(str);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static synchronized boolean isBad(String str) {
            return bads.contains(str);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static synchronized void reset() {
            if (KdcComm.DEBUG) {
                System.out.println(">>> KdcAccessibility: reset");
            }
            bads.clear();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static synchronized List<String> list(String str) {
            StringTokenizer stringTokenizer = new StringTokenizer(str);
            ArrayList arrayList = new ArrayList();
            if (KdcComm.badPolicy == BpType.TRY_LAST) {
                ArrayList arrayList2 = new ArrayList();
                while (stringTokenizer.hasMoreTokens()) {
                    String nextToken = stringTokenizer.nextToken();
                    if (bads.contains(nextToken)) {
                        arrayList2.add(nextToken);
                    } else {
                        arrayList.add(nextToken);
                    }
                }
                arrayList.addAll(arrayList2);
            } else {
                while (stringTokenizer.hasMoreTokens()) {
                    arrayList.add(stringTokenizer.nextToken());
                }
            }
            return arrayList;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:win/1.8.0_265/lib/rt.jar:sun/security/krb5/KdcComm$KdcCommunication.class */
    public static class KdcCommunication implements PrivilegedExceptionAction<byte[]> {
        private String kdc;
        private int port;
        private boolean useTCP;
        private int timeout;
        private int retries;
        private byte[] obuf;

        public KdcCommunication(String str, int i, boolean z, int i2, int i3, byte[] bArr) {
            this.kdc = str;
            this.port = i;
            this.useTCP = z;
            this.timeout = i2;
            this.retries = i3;
            this.obuf = bArr;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedExceptionAction
        public byte[] run() throws IOException, KrbException {
            byte[] bArr = null;
            for (int i = 1; i <= this.retries; i++) {
                String str = this.useTCP ? "TCP" : "UDP";
                if (KdcComm.DEBUG) {
                    System.out.println(">>> KDCCommunication: kdc=" + this.kdc + " " + str + CallSiteDescriptor.TOKEN_DELIMITER + this.port + ", timeout=" + this.timeout + ",Attempt =" + i + ", #bytes=" + this.obuf.length);
                }
                try {
                    NetClient netClient = NetClient.getInstance(str, this.kdc, this.port, this.timeout);
                    Throwable th = null;
                    try {
                        try {
                            netClient.send(this.obuf);
                            bArr = netClient.receive();
                            if (netClient != null) {
                                if (0 != 0) {
                                    try {
                                        netClient.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    netClient.close();
                                }
                            }
                            break;
                        } catch (Throwable th3) {
                            th = th3;
                            throw th3;
                            break;
                        }
                    } finally {
                    }
                } catch (SocketTimeoutException e) {
                    if (KdcComm.DEBUG) {
                        System.out.println("SocketTimeOutException with attempt: " + i);
                    }
                    if (i == this.retries) {
                        throw e;
                    }
                }
            }
            return bArr;
        }
    }

    public static void initStatic() {
        String str = (String) AccessController.doPrivileged(new PrivilegedAction<String>() { // from class: sun.security.krb5.KdcComm.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            /* renamed from: run */
            public String run2() {
                return Security.getProperty(KdcComm.BAD_POLICY_KEY);
            }
        });
        if (str != null) {
            String lowerCase = str.toLowerCase(Locale.ENGLISH);
            String[] split = lowerCase.split(CallSiteDescriptor.TOKEN_DELIMITER);
            if ("tryless".equals(split[0])) {
                if (split.length > 1) {
                    String[] split2 = split[1].split(",");
                    try {
                        int parseInt = Integer.parseInt(split2[0]);
                        if (split2.length > 1) {
                            tryLessTimeout = Integer.parseInt(split2[1]);
                        }
                        tryLessMaxRetries = parseInt;
                    } catch (NumberFormatException e) {
                        if (DEBUG) {
                            System.out.println("Invalid krb5.kdc.bad.policy parameter for tryLess: " + lowerCase + ", use default");
                        }
                    }
                }
                badPolicy = BpType.TRY_LESS;
            } else if ("trylast".equals(split[0])) {
                badPolicy = BpType.TRY_LAST;
            } else {
                badPolicy = BpType.NONE;
            }
        } else {
            badPolicy = BpType.NONE;
        }
        int i = -1;
        int i2 = -1;
        int i3 = -1;
        try {
            Config config = Config.getInstance();
            i = parseTimeString(config.get("libdefaults", "kdc_timeout"));
            i2 = parsePositiveIntString(config.get("libdefaults", "max_retries"));
            i3 = parsePositiveIntString(config.get("libdefaults", "udp_preference_limit"));
        } catch (Exception e2) {
            if (DEBUG) {
                System.out.println("Exception in getting KDC communication settings, using default value " + e2.getMessage());
            }
        }
        defaultKdcTimeout = i > 0 ? i : 30000;
        defaultKdcRetryLimit = i2 > 0 ? i2 : 3;
        if (i3 < 0) {
            defaultUdpPrefLimit = Krb5.KDC_DEFAULT_UDP_PREF_LIMIT;
        } else if (i3 > 32700) {
            defaultUdpPrefLimit = Krb5.KDC_HARD_UDP_LIMIT;
        } else {
            defaultUdpPrefLimit = i3;
        }
        KdcAccessibility.reset();
    }

    public KdcComm(String str) throws KrbException {
        if (str == null) {
            str = Config.getInstance().getDefaultRealm();
            if (str == null) {
                throw new KrbException(60, "Cannot find default realm");
            }
        }
        this.realm = str;
    }

    public byte[] send(byte[] bArr) throws IOException, KrbException {
        int realmSpecificValue = getRealmSpecificValue(this.realm, "udp_preference_limit", defaultUdpPrefLimit);
        return send(bArr, realmSpecificValue > 0 && bArr != null && bArr.length > realmSpecificValue);
    }

    private byte[] send(byte[] bArr, boolean z) throws IOException, KrbException {
        if (bArr == null) {
            return null;
        }
        Config config = Config.getInstance();
        if (this.realm == null) {
            this.realm = config.getDefaultRealm();
            if (this.realm == null) {
                throw new KrbException(60, "Cannot find default realm");
            }
        }
        String kDCList = config.getKDCList(this.realm);
        if (kDCList == null) {
            throw new KrbException("Cannot get kdc for realm " + this.realm);
        }
        Iterator it = KdcAccessibility.list(kDCList).iterator();
        if (!it.hasNext()) {
            throw new KrbException("Cannot get kdc for realm " + this.realm);
        }
        byte[] bArr2 = null;
        try {
            bArr2 = sendIfPossible(bArr, (String) it.next(), z);
        } catch (Exception e) {
            boolean z2 = false;
            while (it.hasNext()) {
                try {
                    bArr2 = sendIfPossible(bArr, (String) it.next(), z);
                    z2 = true;
                    break;
                } catch (Exception e2) {
                }
            }
            if (!z2) {
                throw e;
            }
        }
        if (bArr2 == null) {
            throw new IOException("Cannot get a KDC reply");
        }
        return bArr2;
    }

    private byte[] sendIfPossible(byte[] bArr, String str, boolean z) throws IOException, KrbException {
        try {
            byte[] send = send(bArr, str, z);
            KRBError kRBError = null;
            try {
                kRBError = new KRBError(send);
            } catch (Exception e) {
            }
            if (kRBError != null && kRBError.getErrorCode() == 52) {
                send = send(bArr, str, true);
            }
            KdcAccessibility.removeBad(str);
            return send;
        } catch (Exception e2) {
            if (DEBUG) {
                System.out.println(">>> KrbKdcReq send: error trying " + str);
                e2.printStackTrace(System.out);
            }
            KdcAccessibility.addBad(str);
            throw e2;
        }
    }

    private byte[] send(byte[] bArr, String str, boolean z) throws IOException, KrbException {
        String substring;
        int parsePositiveIntString;
        if (bArr == null) {
            return null;
        }
        int i = 88;
        int realmSpecificValue = getRealmSpecificValue(this.realm, "max_retries", defaultKdcRetryLimit);
        int realmSpecificValue2 = getRealmSpecificValue(this.realm, "kdc_timeout", defaultKdcTimeout);
        if (badPolicy == BpType.TRY_LESS && KdcAccessibility.isBad(str)) {
            if (realmSpecificValue > tryLessMaxRetries) {
                realmSpecificValue = tryLessMaxRetries;
            }
            if (realmSpecificValue2 > tryLessTimeout) {
                realmSpecificValue2 = tryLessTimeout;
            }
        }
        String str2 = null;
        if (str.charAt(0) == '[') {
            int indexOf = str.indexOf(93, 1);
            if (indexOf == -1) {
                throw new IOException("Illegal KDC: " + str);
            }
            substring = str.substring(1, indexOf);
            if (indexOf != str.length() - 1) {
                if (str.charAt(indexOf + 1) != ':') {
                    throw new IOException("Illegal KDC: " + str);
                }
                str2 = str.substring(indexOf + 2);
            }
        } else {
            int indexOf2 = str.indexOf(58);
            if (indexOf2 == -1) {
                substring = str;
            } else if (str.indexOf(58, indexOf2 + 1) > 0) {
                substring = str;
            } else {
                substring = str.substring(0, indexOf2);
                str2 = str.substring(indexOf2 + 1);
            }
        }
        if (str2 != null && (parsePositiveIntString = parsePositiveIntString(str2)) > 0) {
            i = parsePositiveIntString;
        }
        if (DEBUG) {
            System.out.println(">>> KrbKdcReq send: kdc=" + substring + (z ? " TCP:" : " UDP:") + i + ", timeout=" + realmSpecificValue2 + ", number of retries =" + realmSpecificValue + ", #bytes=" + bArr.length);
        }
        try {
            byte[] bArr2 = (byte[]) AccessController.doPrivileged(new KdcCommunication(substring, i, z, realmSpecificValue2, realmSpecificValue, bArr));
            if (DEBUG) {
                System.out.println(">>> KrbKdcReq send: #bytes read=" + (bArr2 != null ? bArr2.length : 0));
            }
            return bArr2;
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (exception instanceof IOException) {
                throw ((IOException) exception);
            }
            throw ((KrbException) exception);
        }
    }

    private static int parseTimeString(String str) {
        if (str == null) {
            return -1;
        }
        if (!str.endsWith("s")) {
            return parsePositiveIntString(str);
        }
        int parsePositiveIntString = parsePositiveIntString(str.substring(0, str.length() - 1));
        if (parsePositiveIntString < 0) {
            return -1;
        }
        return parsePositiveIntString * 1000;
    }

    private int getRealmSpecificValue(String str, String str2, int i) {
        int i2 = i;
        if (str == null) {
            return i2;
        }
        int i3 = -1;
        try {
            String str3 = Config.getInstance().get("realms", str, str2);
            i3 = str2.equals("kdc_timeout") ? parseTimeString(str3) : parsePositiveIntString(str3);
        } catch (Exception e) {
        }
        if (i3 > 0) {
            i2 = i3;
        }
        return i2;
    }

    private static int parsePositiveIntString(String str) {
        if (str == null) {
            return -1;
        }
        try {
            int parseInt = Integer.parseInt(str);
            if (parseInt >= 0) {
                return parseInt;
            }
            return -1;
        } catch (Exception e) {
            return -1;
        }
    }

    static {
        initStatic();
    }
}
