package org.dcache.srm.security;

import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import org.globus.gsi.CredentialException;
import org.globus.gsi.GSIConstants;
import org.globus.gsi.TrustedCertificates;
import org.globus.gsi.X509Credential;
import org.globus.gsi.gssapi.GSSConstants;
import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.gsi.gssapi.auth.Authorization;
import org.globus.gsi.gssapi.auth.AuthorizationException;
import org.globus.gsi.gssapi.auth.HostAuthorization;
import org.globus.gsi.gssapi.net.impl.GSIGssSocket;
import org.gridforum.jgss.ExtendedGSSContext;
import org.gridforum.jgss.ExtendedGSSManager;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;

/* loaded from: input_file:org/dcache/srm/security/DelegationTestEndServer.class */
public class DelegationTestEndServer {
    private String x509ServiceCert;
    private String x509ServiceKey;
    private String x509TrastedCACerts;
    private static X509Credential service_cred;
    private static TrustedCertificates trusted_certs;

    public DelegationTestEndServer(String str, String str2, String str3, int i) throws IOException {
        this.x509ServiceCert = str;
        this.x509ServiceKey = str2;
        this.x509TrastedCACerts = str3;
        while (true) {
            final Socket accept = new ServerSocket(i).accept();
            new Thread(new Runnable() { // from class: org.dcache.srm.security.DelegationTestEndServer.1
                @Override // java.lang.Runnable
                public void run() {
                    DelegationTestEndServer.this.handle(accept);
                }
            }).start();
        }
    }

    public static void delegateCredential(InetAddress inetAddress, int i, GSSCredential gSSCredential, boolean z) throws Exception {
        Socket socket = null;
        try {
            GSSManager extendedGSSManager = ExtendedGSSManager.getInstance();
            HostAuthorization hostAuthorization = HostAuthorization.getInstance();
            ExtendedGSSContext createContext = extendedGSSManager.createContext(hostAuthorization.getExpectedName((GSSCredential) null, inetAddress.getCanonicalHostName()), GSSConstants.MECH_OID, gSSCredential, 0);
            createContext.setOption(GSSConstants.GSS_MODE, GSIConstants.MODE_GSI);
            createContext.requestCredDeleg(true);
            if (z) {
                createContext.setOption(GSSConstants.DELEGATION_TYPE, GSIConstants.DELEGATION_TYPE_FULL);
            } else {
                createContext.setOption(GSSConstants.DELEGATION_TYPE, GSIConstants.DELEGATION_TYPE_LIMITED);
            }
            socket = new Socket(inetAddress, i);
            GSIGssSocket gSIGssSocket = new GSIGssSocket(socket, createContext);
            gSIGssSocket.setUseClientMode(true);
            gSIGssSocket.setAuthorization(hostAuthorization);
            gSIGssSocket.setWrapMode(1);
            gSIGssSocket.startHandshake();
        } catch (Exception e) {
            if (socket != null) {
                try {
                    socket.close();
                } catch (Exception e2) {
                }
            }
            throw e;
        }
    }

    public void handle(Socket socket) {
        try {
            try {
                GSIGssSocket gSIGssSocket = new GSIGssSocket(socket, getServiceContext());
                gSIGssSocket.setAuthorization(new Authorization() { // from class: org.dcache.srm.security.DelegationTestEndServer.2
                    public void authorize(GSSContext gSSContext, String str) throws AuthorizationException {
                        DelegationTestEndServer.this.say("authorized");
                    }
                });
                gSIGssSocket.setUseClientMode(false);
                gSIGssSocket.setWrapMode(1);
                gSIGssSocket.startHandshake();
                GSSCredential delegCred = gSIGssSocket.getContext().getDelegCred();
                if (delegCred != null) {
                    say("received deleg cred " + delegCred.getName());
                }
            } finally {
                try {
                    socket.close();
                } catch (Exception e) {
                }
            }
        } catch (Exception e2) {
            esay(e2);
            try {
                socket.close();
            } catch (Exception e3) {
            }
        }
    }

    public void say(String str) {
        System.out.println(str);
    }

    public void esay(String str) {
        System.err.println(str);
    }

    public void esay(Throwable th) {
        th.printStackTrace();
    }

    public static GSSCredential getServiceCredential(String str, String str2, int i) throws GSSException {
        try {
            if (service_cred != null) {
                service_cred.verify();
            }
        } catch (CredentialException e) {
            service_cred = null;
        }
        if (service_cred == null) {
            try {
                service_cred = new X509Credential(str, str2);
            } catch (CredentialException e2) {
                throw new GSSException(13, 0, "could not load host globus credentials " + e2.toString());
            } catch (IOException e3) {
                throw new GSSException(13, 0, "could not load host globus credentials " + e3.toString());
            }
        }
        return new GlobusGSSCredentialImpl(service_cred, i);
    }

    public static GSSContext getServiceContext(String str, String str2, String str3) throws GSSException {
        GSSCredential serviceCredential = getServiceCredential(str, str2, 2);
        if (trusted_certs == null) {
            trusted_certs = TrustedCertificates.load(str3);
        }
        ExtendedGSSContext createContext = ExtendedGSSManager.getInstance().createContext(serviceCredential);
        createContext.setOption(GSSConstants.GSS_MODE, GSIConstants.MODE_GSI);
        createContext.setOption(GSSConstants.TRUSTED_CERTIFICATES, trusted_certs);
        return createContext;
    }

    private GSSContext getServiceContext() throws GSSException {
        try {
            return getServiceContext(this.x509ServiceCert, this.x509ServiceKey, this.x509TrastedCACerts);
        } catch (GSSException e) {
            esay((Throwable) e);
            throw e;
        }
    }

    public static final void main(String[] strArr) throws IOException {
        new DelegationTestEndServer(strArr[0], strArr[1], strArr[2], Integer.parseInt(strArr[3]));
    }
}
