package com.oscar.protocol.stream;

import com.claymoresystems.ptls.SSLContext;
import com.claymoresystems.ptls.SSLSocket;
import com.claymoresystems.sslg.Certificate;
import com.claymoresystems.sslg.DistinguishedName;
import com.google.code.juds.UnixDomainSocketClient;
import com.mysql.cj.conf.PropertyDefinitions;
import com.oscar.core.BaseConnection;
import com.oscar.crypt.PrivateKeyConversion;
import com.oscar.crypt.PrivateKeyReader;
import com.oscar.util.OSQLException;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.Socket;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.security.PrivateKey;
import java.sql.SQLException;
import java.util.Properties;
import java.util.Vector;
import org.aspectj.weaver.tools.cache.SimpleCacheFactory;

/* loaded from: input_file:BOOT-INF/lib/shentongjdbc-4.0.jar:com/oscar/protocol/stream/OSocket.class */
public class OSocket implements OStream {
    private String host;
    private int port;
    private Socket connection;
    private InputStream osr_input;
    private BufferedOutputStream osr_output;
    private String rootFile;
    private String randomFile;
    private String database;
    private int timeOut_MilliSecond;
    private BaseConnection con;
    private boolean tcpKeepAlive;
    private PrivateKey keyForVerifyJDBC;
    private boolean isSSLCon;
    public static Integer openSocketNum = new Integer(0);
    public static Integer closeSocketNum = new Integer(0);
    private String unixDomainPath;
    private UnixDomainSocketClient unixConnection;

    public OSocket(String str, int i) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
    }

    public OSocket(String str, int i, Properties properties) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
        this.tcpKeepAlive = Boolean.valueOf(properties.getProperty("TCPKEEPALIVE", "false")).booleanValue();
        this.unixDomainPath = properties.getProperty("UNIXDOMAINPATH", SimpleCacheFactory.PATH_DEFAULT);
    }

    public OSocket(String str, int i, int i2) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
        this.timeOut_MilliSecond = i2;
    }

    public OSocket(String str, int i, int i2, Properties properties) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
        this.timeOut_MilliSecond = i2;
        this.tcpKeepAlive = Boolean.valueOf(properties.getProperty("TCPKEEPALIVE", "false")).booleanValue();
        this.unixDomainPath = properties.getProperty("UNIXDOMAINPATH", SimpleCacheFactory.PATH_DEFAULT);
    }

    public OSocket(String str, int i, BaseConnection baseConnection) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
        this.con = baseConnection;
    }

    public OSocket(String str, int i, BaseConnection baseConnection, Properties properties) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
        this.con = baseConnection;
        this.tcpKeepAlive = Boolean.valueOf(properties.getProperty("TCPKEEPALIVE", "false")).booleanValue();
        this.unixDomainPath = properties.getProperty("UNIXDOMAINPATH", SimpleCacheFactory.PATH_DEFAULT);
    }

    public OSocket(String str, int i, int i2, BaseConnection baseConnection) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
        this.timeOut_MilliSecond = i2;
        this.con = baseConnection;
    }

    public OSocket(String str, int i, int i2, BaseConnection baseConnection, Properties properties) {
        this.timeOut_MilliSecond = 0;
        this.tcpKeepAlive = false;
        this.keyForVerifyJDBC = null;
        this.unixDomainPath = "";
        this.host = str;
        this.port = i;
        this.timeOut_MilliSecond = i2;
        this.con = baseConnection;
        this.tcpKeepAlive = Boolean.valueOf(properties.getProperty("TCPKEEPALIVE", "false")).booleanValue();
        this.unixDomainPath = properties.getProperty("UNIXDOMAINPATH", SimpleCacheFactory.PATH_DEFAULT);
    }

    @Override // com.oscar.protocol.stream.OStream
    public void open() throws IOException {
        if (!this.host.equalsIgnoreCase("unixsocket")) {
            this.connection = new Socket(this.host, this.port);
            this.connection.setTcpNoDelay(true);
            this.connection.setKeepAlive(this.tcpKeepAlive);
            if (this.timeOut_MilliSecond != 0) {
                this.connection.setSoTimeout(this.timeOut_MilliSecond);
            }
            synchronized (openSocketNum) {
                openSocketNum = new Integer(openSocketNum.intValue() + 1);
            }
            this.osr_input = new BufferedInputStream(this.connection.getInputStream(), 8192);
            this.osr_output = new BufferedOutputStream(this.connection.getOutputStream(), 8192);
            return;
        }
        if (System.getProperty(PropertyDefinitions.SYSP_os_name, "window").toLowerCase().indexOf("window") != -1) {
            throw new SocketException("loadLibrary(): Unix sockets are not supported on Windows platforms");
        }
        try {
            this.unixConnection = new UnixDomainSocketClient(this.unixDomainPath.equals("") ? SimpleCacheFactory.PATH_DEFAULT : this.unixDomainPath + "/.s.oscar." + this.port, 1);
            if (this.timeOut_MilliSecond != 0) {
                this.unixConnection.setTimeout(this.timeOut_MilliSecond);
            }
            synchronized (openSocketNum) {
                openSocketNum = new Integer(openSocketNum.intValue() + 1);
            }
            this.osr_input = new BufferedInputStream(this.unixConnection.getInputStream(), 8192);
            this.osr_output = new BufferedOutputStream(this.unixConnection.getOutputStream(), 8192);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override // com.oscar.protocol.stream.OStream
    public void reInitStream(boolean z) throws IOException {
        if (z) {
            this.osr_input = new CompressedInputStream(this.osr_input, this.con);
        }
    }

    @Override // com.oscar.protocol.stream.OStream
    public void openWithSSL(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        this.rootFile = str4;
        this.randomFile = str5;
        this.database = str6;
        SSLContext createSSLContext = createSSLContext(str, str2, str3);
        this.isSSLCon = true;
        this.connection = connect(createSSLContext, this.host, this.port);
        this.osr_input = new BufferedInputStream(this.connection.getInputStream(), 8192);
        this.osr_output = new BufferedOutputStream(this.connection.getOutputStream(), 8192);
    }

    @Override // com.oscar.protocol.stream.OStream
    public InputStream getInputStream() {
        return this.osr_input;
    }

    @Override // com.oscar.protocol.stream.OStream
    public BufferedOutputStream getBufferedOutputStream() {
        return this.osr_output;
    }

    @Override // com.oscar.protocol.stream.OStream
    public void close() throws IOException {
        try {
            if (this.osr_output != null) {
                this.osr_output.close();
            }
            if (this.osr_input != null) {
                this.osr_input.close();
            }
            if (this.connection != null) {
                this.connection.close();
            }
            synchronized (closeSocketNum) {
                closeSocketNum = new Integer(closeSocketNum.intValue() + 1);
            }
        } catch (IOException e) {
            throw e;
        }
    }

    public SSLContext createSSLContext(String str, String str2, String str3) throws Exception {
        SSLContext sSLContext = new SSLContext();
        try {
            sSLContext.loadRootCertificates(this.rootFile);
            try {
                sSLContext.LoadKeyFile(new FileInputStream(str), str3);
                try {
                    sSLContext.LoadCertFile(new FileInputStream(str2), str3);
                    switch (sSLContext.checkKeyPair()) {
                        case 0:
                            try {
                                sSLContext.useRandomnessFile(this.randomFile, str3);
                                return sSLContext;
                            } catch (Exception e) {
                                e.printStackTrace();
                                throw new Exception("加载随机数文件失败!");
                            }
                        case 1:
                            throw new Exception("公私钥数值不匹配");
                        case 2:
                            throw new Exception("公私钥类型不匹配");
                        default:
                            System.out.println("未知错误！");
                            throw new Exception("进行公私钥匹配检验时发生未知错误！");
                    }
                } catch (Throwable th) {
                    throw new Exception("加载证书文件失败!");
                }
            } catch (Exception e2) {
                e2.printStackTrace();
                throw new Exception("加载证书私钥及其密码失败!");
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            throw new Exception("加载CA证书失败");
        }
    }

    public SSLContext createSSLContextUseWallet(String str, String str2) throws Exception {
        SSLContext sSLContext = new SSLContext();
        try {
            sSLContext.loadPKCS12File(str, str2);
            switch (sSLContext.checkKeyPair()) {
                case 0:
                    try {
                        sSLContext.useRandomnessFile(this.randomFile, str2);
                        return sSLContext;
                    } catch (Exception e) {
                        e.printStackTrace();
                        throw new Exception("加载随机数文件失败!");
                    }
                case 1:
                    throw new Exception("公私钥数值不匹配");
                case 2:
                    throw new Exception("公私钥类型不匹配");
                default:
                    System.out.println("未知错误！");
                    throw new Exception("进行公私钥匹配检验时发生未知错误！");
            }
        } catch (Error e2) {
            throw new Exception("加载OsacarKeyStore失败");
        } catch (Exception e3) {
            e3.printStackTrace();
            throw new Exception("加载OsacarKeyStore失败");
        }
    }

    public static String dnToCommonName(DistinguishedName distinguishedName) throws IOException {
        Vector name = distinguishedName.getName();
        Vector vector = null;
        int i = 0;
        while (true) {
            if (i >= name.size()) {
                break;
            }
            if (((String[]) ((Vector) name.get(i)).firstElement())[0].equals("CN")) {
                vector = (Vector) name.get(i);
                break;
            }
            i++;
        }
        if (vector == null || vector.size() != 1) {
            throw new IOException("DN forms with multiple AVAs per RDN are unacceptable");
        }
        String[] strArr = (String[]) vector.firstElement();
        if (strArr.length != 2) {
            throw new IOException("Bogus AVA array");
        }
        if (strArr[0].equals("CN")) {
            return strArr[1];
        }
        throw new IOException("CN must be most local AVA");
    }

    public static String dnToOrgUnitName(DistinguishedName distinguishedName) throws IOException {
        Vector name = distinguishedName.getName();
        Vector vector = null;
        int i = 0;
        while (true) {
            if (i >= name.size()) {
                break;
            }
            if (((String[]) ((Vector) name.get(i)).firstElement())[0].equals("OU")) {
                vector = (Vector) name.get(i);
                break;
            }
            i++;
        }
        if (vector == null || vector.size() != 1) {
            throw new IOException("OU forms with multiple AVAs per RDN are unacceptable");
        }
        return ((String[]) vector.firstElement())[1];
    }

    public static boolean isLocalClient(String str) {
        if (null == str) {
            return false;
        }
        if ("localhost".equalsIgnoreCase(str)) {
            return true;
        }
        try {
            if (InetAddress.getLocalHost().getHostName().equalsIgnoreCase(str)) {
                return true;
            }
        } catch (Exception e) {
        }
        if (str.startsWith("127.0.0.")) {
            try {
                int parseInt = Integer.parseInt(str.substring("127.0.0.".length(), str.length()));
                if (parseInt > 0 && parseInt < 256) {
                    return true;
                }
            } catch (Exception e2) {
                return false;
            }
        }
        try {
            for (InetAddress inetAddress : InetAddress.getAllByName(InetAddress.getLocalHost().getHostName())) {
                if (inetAddress.getHostAddress().equals(str)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e3) {
            return false;
        }
    }

    public static boolean checkIP(String str, String str2) {
        if (str.equalsIgnoreCase(str2)) {
            return true;
        }
        boolean isLocalClient = isLocalClient(str);
        boolean isLocalClient2 = isLocalClient(str2);
        if (isLocalClient && isLocalClient2) {
            return true;
        }
        if (isLocalClient || isLocalClient2) {
            return false;
        }
        try {
            if (InetAddress.getByName(str).getHostName().equalsIgnoreCase(str2)) {
                return true;
            }
            for (InetAddress inetAddress : InetAddress.getAllByName(str)) {
                if (inetAddress.getHostAddress().equalsIgnoreCase(str2)) {
                    return true;
                }
            }
            return false;
        } catch (UnknownHostException e) {
            return false;
        }
    }

    public SSLSocket connect(SSLContext sSLContext, String str, int i) throws IOException, SQLException {
        try {
            SSLSocket sSLSocket = new SSLSocket(sSLContext, this.connection, str, i, 1);
            Vector certificateChain = sSLSocket.getCertificateChain();
            if (certificateChain == null) {
                return sSLSocket;
            }
            if (certificateChain.size() > 10) {
                throw new IOException("Certificate chain too long");
            }
            Certificate certificate = (Certificate) certificateChain.lastElement();
            String dnToCommonName = dnToCommonName(certificate.getSubjectName());
            String dnToOrgUnitName = dnToOrgUnitName(certificate.getSubjectName());
            if (!checkIP(str, dnToCommonName)) {
                throw new OSQLException("OSCAR-00113", "88888", 113);
            }
            if (this.database.equalsIgnoreCase(dnToOrgUnitName)) {
                return sSLSocket;
            }
            throw new OSQLException("OSCAR-00116", "88888", 116);
        } catch (IOException e) {
            if (e.getMessage().equals("java.net.SocketException: Connection reset")) {
                throw new OSQLException("OSCAR-00114", "88888", 114, e);
            }
            if (e.getMessage().equals("Unknown CA")) {
                throw new OSQLException("OSCAR-00115", "88888", 115, e);
            }
            throw e;
        }
    }

    public void setRootFile(String str) {
        this.rootFile = str;
    }

    public void setRandomFile(String str) {
        this.randomFile = str;
    }

    public String getRootFile() {
        return this.rootFile;
    }

    public String getRandomFile() {
        return this.randomFile;
    }

    @Override // com.oscar.protocol.stream.OStream
    public void openWithSSLUseWallet(String str, String str2, String str3, String str4) throws Exception {
        this.randomFile = str3;
        this.database = str4;
        SSLContext createSSLContextUseWallet = createSSLContextUseWallet(str, str2);
        this.isSSLCon = true;
        this.connection = connect(createSSLContextUseWallet, this.host, this.port);
        this.osr_input = new BufferedInputStream(this.connection.getInputStream(), 8192);
        this.osr_output = new BufferedOutputStream(this.connection.getOutputStream(), 8192);
    }

    @Override // com.oscar.protocol.stream.OStream
    public void readJDCBVerifyKey(String str, String str2) {
        try {
            this.keyForVerifyJDBC = PrivateKeyReader.readFromFile(str, str2);
            this.keyForVerifyJDBC = PrivateKeyConversion.converEAYEncryptedKey(this.keyForVerifyJDBC);
        } catch (Exception e) {
            System.out.println("警告，加载JDBC验证私钥失败，不能对JDBC采用签名验证");
        }
    }

    @Override // com.oscar.protocol.stream.OStream
    public PrivateKey getJDBCVerifyKey() {
        return this.keyForVerifyJDBC;
    }

    @Override // com.oscar.protocol.stream.OStream
    public Socket getSocket() throws Exception {
        return new Socket(this.host, this.port);
    }

    @Override // com.oscar.protocol.stream.OStream
    public Socket getCurrentSocket() {
        return this.connection;
    }

    @Override // com.oscar.protocol.stream.OStream
    public void setSocketTimeOut(int i) throws SocketException {
        if (getCurrentSocket() != null) {
            getCurrentSocket().setSoTimeout(i);
        } else if (this.unixConnection != null) {
            this.unixConnection.setTimeout(i);
        }
    }
}
