package com.cloud.agent.resource.consoleproxy;

import com.cloud.agent.Agent;
import com.cloud.agent.api.Answer;
import com.cloud.agent.api.CheckHealthAnswer;
import com.cloud.agent.api.CheckHealthCommand;
import com.cloud.agent.api.Command;
import com.cloud.agent.api.ConsoleAccessAuthenticationAnswer;
import com.cloud.agent.api.ConsoleAccessAuthenticationCommand;
import com.cloud.agent.api.ConsoleProxyLoadReportCommand;
import com.cloud.agent.api.PingCommand;
import com.cloud.agent.api.ReadyAnswer;
import com.cloud.agent.api.ReadyCommand;
import com.cloud.agent.api.StartupCommand;
import com.cloud.agent.api.StartupProxyCommand;
import com.cloud.agent.api.proxy.CheckConsoleProxyLoadCommand;
import com.cloud.agent.api.proxy.ConsoleProxyLoadAnswer;
import com.cloud.agent.api.proxy.StartConsoleProxyAgentHttpHandlerCommand;
import com.cloud.agent.api.proxy.WatchConsoleProxyLoadCommand;
import com.cloud.exception.AgentControlChannelException;
import com.cloud.host.Host;
import com.cloud.resource.ServerResource;
import com.cloud.resource.ServerResourceBase;
import com.cloud.utils.NumbersUtil;
import com.cloud.utils.net.NetUtils;
import com.cloud.utils.script.Script;
import com.google.gson.Gson;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.InvocationTargetException;
import java.net.URL;
import java.util.Map;
import java.util.Properties;
import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.class */
public class ConsoleProxyResource extends ServerResourceBase implements ServerResource {
    static final Logger s_logger = Logger.getLogger(ConsoleProxyResource.class);
    private final Properties _properties = new Properties();
    private Thread _consoleProxyMain = null;
    long _proxyVmId;
    int _proxyPort;
    String _localgw;
    String _eth1ip;
    String _eth1mask;
    String _pubIp;

    public Answer executeRequest(Command command) {
        if (command instanceof CheckConsoleProxyLoadCommand) {
            return execute((CheckConsoleProxyLoadCommand) command);
        }
        if (command instanceof WatchConsoleProxyLoadCommand) {
            return execute((WatchConsoleProxyLoadCommand) command);
        }
        if (!(command instanceof ReadyCommand)) {
            return command instanceof CheckHealthCommand ? new CheckHealthAnswer((CheckHealthCommand) command, true) : command instanceof StartConsoleProxyAgentHttpHandlerCommand ? execute((StartConsoleProxyAgentHttpHandlerCommand) command) : Answer.createUnsupportedCommandAnswer(command);
        }
        s_logger.info("Receive ReadyCommand, response with ReadyAnswer");
        return new ReadyAnswer((ReadyCommand) command);
    }

    private Answer execute(StartConsoleProxyAgentHttpHandlerCommand startConsoleProxyAgentHttpHandlerCommand) {
        launchConsoleProxy(startConsoleProxyAgentHttpHandlerCommand.getKeystoreBits(), startConsoleProxyAgentHttpHandlerCommand.getKeystorePassword(), startConsoleProxyAgentHttpHandlerCommand.getEncryptorPassword());
        return new Answer(startConsoleProxyAgentHttpHandlerCommand);
    }

    private void disableRpFilter() {
        try {
            BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter("/proc/sys/net/ipv4/conf/eth2/rp_filter"));
            bufferedWriter.write("0");
            bufferedWriter.close();
        } catch (IOException e) {
            s_logger.warn("Unable to disable rp_filter");
        }
    }

    private boolean copyCertToDirectory(String str, String str2) throws IOException {
        BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(str2));
        bufferedWriter.write(str);
        bufferedWriter.close();
        return true;
    }

    protected Answer execute(CheckConsoleProxyLoadCommand checkConsoleProxyLoadCommand) {
        return executeProxyLoadScan(checkConsoleProxyLoadCommand, checkConsoleProxyLoadCommand.getProxyVmId(), checkConsoleProxyLoadCommand.getProxyVmName(), checkConsoleProxyLoadCommand.getProxyManagementIp(), checkConsoleProxyLoadCommand.getProxyCmdPort());
    }

    protected Answer execute(WatchConsoleProxyLoadCommand watchConsoleProxyLoadCommand) {
        return executeProxyLoadScan(watchConsoleProxyLoadCommand, watchConsoleProxyLoadCommand.getProxyVmId(), watchConsoleProxyLoadCommand.getProxyVmName(), watchConsoleProxyLoadCommand.getProxyManagementIp(), watchConsoleProxyLoadCommand.getProxyCmdPort());
    }

    /* JADX WARN: Finally extract failed */
    private Answer executeProxyLoadScan(Command command, long j, String str, String str2, int i) {
        String str3 = null;
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("http://").append(str2).append(":" + i).append("/cmd/getstatus");
        boolean z = true;
        try {
            InputStream inputStream = new URL(stringBuffer.toString()).openConnection().getInputStream();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
            StringBuilder sb = new StringBuilder();
            while (true) {
                try {
                    try {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        }
                        sb.append(readLine + "\n");
                    } catch (Throwable th) {
                        try {
                            inputStream.close();
                        } catch (IOException e) {
                            s_logger.warn("Exception when closing , console proxy address : " + str2);
                        }
                        throw th;
                    }
                } catch (IOException e2) {
                    z = false;
                    try {
                        inputStream.close();
                    } catch (IOException e3) {
                        s_logger.warn("Exception when closing , console proxy address : " + str2);
                        z = false;
                    }
                }
            }
            str3 = sb.toString();
            try {
                inputStream.close();
            } catch (IOException e4) {
                s_logger.warn("Exception when closing , console proxy address : " + str2);
                z = false;
            }
        } catch (IOException e5) {
            s_logger.warn("Unable to open console proxy command port url, console proxy address : " + str2);
            z = false;
        }
        return new ConsoleProxyLoadAnswer(command, j, str, z, str3);
    }

    protected String getDefaultScriptsDir() {
        return null;
    }

    public Host.Type getType() {
        return Host.Type.ConsoleProxy;
    }

    public synchronized StartupCommand[] initialize() {
        StartupCommand startupProxyCommand = new StartupProxyCommand();
        fillNetworkInformation(startupProxyCommand);
        startupProxyCommand.setProxyPort(this._proxyPort);
        startupProxyCommand.setProxyVmId(this._proxyVmId);
        if (this._pubIp != null) {
            startupProxyCommand.setPublicIpAddress(this._pubIp);
        }
        return new StartupCommand[]{startupProxyCommand};
    }

    public void disconnected() {
    }

    public PingCommand getCurrentStatus(long j) {
        return new PingCommand(Host.Type.ConsoleProxy, j);
    }

    public boolean configure(String str, Map<String, Object> map) throws ConfigurationException {
        this._localgw = (String) map.get("localgw");
        this._eth1mask = (String) map.get("eth1mask");
        this._eth1ip = (String) map.get("eth1ip");
        if (this._eth1ip != null) {
            map.put("private.network.device", "eth1");
        } else {
            s_logger.warn("WARNING: eth1ip parameter is not found!");
        }
        if (((String) map.get("eth2ip")) != null) {
            map.put("public.network.device", "eth2");
        } else {
            s_logger.warn("WARNING: eth2ip parameter is not found!");
        }
        super.configure(str, map);
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            this._properties.put(entry.getKey(), entry.getValue());
        }
        String str2 = (String) map.get("premium");
        if (str2 == null || !str2.equals("premium")) {
            this._proxyPort = NumbersUtil.parseInt((String) map.get("consoleproxy.httpListenPort"), 80);
        } else {
            this._proxyPort = 443;
        }
        this._proxyVmId = NumbersUtil.parseLong((String) map.get("proxy_vm"), 0L);
        if (this._localgw != null) {
            addRouteToInternalIpOrCidr(this._localgw, this._eth1ip, this._eth1mask, (String) map.get("host"));
            String str3 = (String) map.get("internaldns1");
            if (str3 == null) {
                s_logger.warn("No DNS entry found during configuration of NfsSecondaryStorage");
            } else {
                addRouteToInternalIpOrCidr(this._localgw, this._eth1ip, this._eth1mask, str3);
            }
            String str4 = (String) map.get("internaldns2");
            if (str4 != null) {
                addRouteToInternalIpOrCidr(this._localgw, this._eth1ip, this._eth1mask, str4);
            }
        }
        this._pubIp = (String) map.get("public.ip");
        String str5 = (String) map.get("disable_rp_filter");
        if (str5 != null && str5.equalsIgnoreCase("true")) {
            disableRpFilter();
        }
        if (!s_logger.isInfoEnabled()) {
            return true;
        }
        s_logger.info("Receive proxyVmId in ConsoleProxyResource configuration as " + this._proxyVmId);
        return true;
    }

    private void addRouteToInternalIpOrCidr(String str, String str2, String str3, String str4) {
        s_logger.debug("addRouteToInternalIp: localgw=" + str + ", eth1ip=" + str2 + ", eth1mask=" + str3 + ",destIp=" + str4);
        if (str4 == null) {
            s_logger.debug("addRouteToInternalIp: destIp is null");
            return;
        }
        if (!NetUtils.isValidIp(str4) && !NetUtils.isValidCIDR(str4)) {
            s_logger.warn(" destIp is not a valid ip address or cidr destIp=" + str4);
            return;
        }
        boolean z = false;
        if (!NetUtils.isValidIp(str4)) {
            z = NetUtils.isNetworkAWithinNetworkB(str4, NetUtils.ipAndNetMaskToCidr(str2, str3));
        } else if (str2 == null || str3 == null) {
            s_logger.warn("addRouteToInternalIp: unable to determine same subnet: _eth1ip=" + str2 + ", dest ip=" + str4 + ", _eth1mask=" + str3);
        } else {
            z = NetUtils.sameSubnet(str2, str4, str3);
        }
        if (z) {
            s_logger.debug("addRouteToInternalIp: dest ip " + str4 + " is in the same subnet as eth1 ip " + str2);
            return;
        }
        Script script = new Script("/bin/bash", s_logger);
        script.add("-c");
        script.add("ip route delete " + str4);
        script.execute();
        Script script2 = new Script("/bin/bash", s_logger);
        script2.add("-c");
        script2.add("ip route add " + str4 + " via " + str);
        String execute = script2.execute();
        if (execute != null) {
            s_logger.warn("Error in configuring route to internal ip err=" + execute);
        } else {
            s_logger.debug("addRouteToInternalIp: added route to internal ip=" + str4 + " via " + str);
        }
    }

    public String getName() {
        return this._name;
    }

    private void launchConsoleProxy(final byte[] bArr, final String str, final String str2) {
        if (this._consoleProxyMain == null) {
            this._consoleProxyMain = new Thread(new Runnable() { // from class: com.cloud.agent.resource.consoleproxy.ConsoleProxyResource.1
                @Override // java.lang.Runnable
                public void run() {
                    try {
                        Class<?> cls = Class.forName("com.cloud.consoleproxy.ConsoleProxy");
                        try {
                            try {
                                cls.getMethod("setEncryptorPassword", String.class).invoke(null, str2);
                                cls.getMethod("startWithContext", Properties.class, Object.class, byte[].class, String.class).invoke(null, ConsoleProxyResource.this._properties, this, bArr, str);
                            } catch (IllegalArgumentException e) {
                                ConsoleProxyResource.s_logger.error("Unable to launch console proxy due to IllegalArgumentException");
                                System.exit(Agent.ExitStatus.Error.value());
                            } catch (SecurityException e2) {
                                ConsoleProxyResource.s_logger.error("Unable to launch console proxy due to SecurityException");
                                System.exit(Agent.ExitStatus.Error.value());
                            }
                        } catch (IllegalAccessException e3) {
                            ConsoleProxyResource.s_logger.error("Unable to launch console proxy due to IllegalAccessException");
                            System.exit(Agent.ExitStatus.Error.value());
                        } catch (NoSuchMethodException e4) {
                            ConsoleProxyResource.s_logger.error("Unable to launch console proxy due to NoSuchMethodException");
                            System.exit(Agent.ExitStatus.Error.value());
                        } catch (InvocationTargetException e5) {
                            ConsoleProxyResource.s_logger.error("Unable to launch console proxy due to InvocationTargetException");
                            System.exit(Agent.ExitStatus.Error.value());
                        }
                    } catch (ClassNotFoundException e6) {
                        ConsoleProxyResource.s_logger.error("Unable to launch console proxy due to ClassNotFoundException");
                        System.exit(Agent.ExitStatus.Error.value());
                    }
                }
            }, "Console-Proxy-Main");
            this._consoleProxyMain.setDaemon(true);
            this._consoleProxyMain.start();
            return;
        }
        s_logger.info("com.cloud.consoleproxy.ConsoleProxy is already running");
        try {
            Class.forName("com.cloud.consoleproxy.ConsoleProxy").getMethod("setEncryptorPassword", String.class).invoke(null, str2);
        } catch (ClassNotFoundException e) {
            s_logger.error("Unable to launch console proxy due to ClassNotFoundException");
            System.exit(Agent.ExitStatus.Error.value());
        } catch (IllegalAccessException e2) {
            s_logger.error("Unable to launch console proxy due to IllegalAccessException");
            System.exit(Agent.ExitStatus.Error.value());
        } catch (IllegalArgumentException e3) {
            s_logger.error("Unable to launch console proxy due to IllegalArgumentException");
            System.exit(Agent.ExitStatus.Error.value());
        } catch (NoSuchMethodException e4) {
            s_logger.error("Unable to launch console proxy due to NoSuchMethodException");
            System.exit(Agent.ExitStatus.Error.value());
        } catch (SecurityException e5) {
            s_logger.error("Unable to launch console proxy due to SecurityException");
            System.exit(Agent.ExitStatus.Error.value());
        } catch (InvocationTargetException e6) {
            s_logger.error("Unable to launch console proxy due to InvocationTargetException");
            System.exit(Agent.ExitStatus.Error.value());
        }
    }

    public String authenticateConsoleAccess(String str, String str2, String str3, String str4, String str5, Boolean bool) {
        ConsoleAccessAuthenticationCommand consoleAccessAuthenticationCommand = new ConsoleAccessAuthenticationCommand(str, str2, str3, str4, str5);
        consoleAccessAuthenticationCommand.setReauthenticating(bool.booleanValue());
        ConsoleProxyAuthenticationResult consoleProxyAuthenticationResult = new ConsoleProxyAuthenticationResult();
        consoleProxyAuthenticationResult.setSuccess(false);
        consoleProxyAuthenticationResult.setReauthentication(bool.booleanValue());
        try {
            ConsoleAccessAuthenticationAnswer sendRequest = getAgentControl().sendRequest(consoleAccessAuthenticationCommand, 10000);
            if (sendRequest != null) {
                ConsoleAccessAuthenticationAnswer consoleAccessAuthenticationAnswer = sendRequest;
                consoleProxyAuthenticationResult.setSuccess(consoleAccessAuthenticationAnswer.succeeded());
                consoleProxyAuthenticationResult.setHost(consoleAccessAuthenticationAnswer.getHost());
                consoleProxyAuthenticationResult.setPort(consoleAccessAuthenticationAnswer.getPort());
                consoleProxyAuthenticationResult.setTunnelUrl(consoleAccessAuthenticationAnswer.getTunnelUrl());
                consoleProxyAuthenticationResult.setTunnelSession(consoleAccessAuthenticationAnswer.getTunnelSession());
            } else {
                s_logger.error("Authentication failed for vm: " + str3 + " with sid: " + str4);
            }
        } catch (AgentControlChannelException e) {
            s_logger.error("Unable to send out console access authentication request due to " + e.getMessage(), e);
        }
        return new Gson().toJson(consoleProxyAuthenticationResult);
    }

    public void reportLoadInfo(String str) {
        try {
            getAgentControl().postRequest(new ConsoleProxyLoadReportCommand(this._proxyVmId, str));
            if (s_logger.isDebugEnabled()) {
                s_logger.debug("Report proxy load info, proxy : " + this._proxyVmId + ", load: " + str);
            }
        } catch (AgentControlChannelException e) {
            s_logger.error("Unable to send out load info due to " + e.getMessage(), e);
        }
    }

    public void ensureRoute(String str) {
        if (this._localgw != null) {
            if (s_logger.isDebugEnabled()) {
                s_logger.debug("Ensure route for " + str + " via " + this._localgw);
            }
            synchronized (this) {
                try {
                    addRouteToInternalIpOrCidr(this._localgw, this._eth1ip, this._eth1mask, str);
                } catch (Throwable th) {
                    s_logger.warn("Unexpected exception while adding internal route to " + str, th);
                }
            }
        }
    }
}
