package org.opennms.protocols.jmx.connectors;

import com.sun.security.sasl.Provider;
import java.net.InetAddress;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorFactory;
import javax.management.remote.JMXServiceURL;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.opennms.core.utils.ParameterMap;
import org.opennms.core.utils.ThreadCategory;

/* loaded from: input_file:jnlp/opennms-services-1.8.4.jar:org/opennms/protocols/jmx/connectors/JMXSecureConnectionFactory.class */
public class JMXSecureConnectionFactory {
    static ThreadCategory log = ThreadCategory.getInstance((Class<?>) JMXSecureConnectionFactory.class);

    /* loaded from: input_file:jnlp/opennms-services-1.8.4.jar:org/opennms/protocols/jmx/connectors/JMXSecureConnectionFactory$AnyServerX509TrustManager.class */
    private static class AnyServerX509TrustManager implements X509TrustManager {
        private AnyServerX509TrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            throw new CertificateException("not supported");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }
    }

    public static Jsr160ConnectionWrapper getMBeanServerConnection(Map map, InetAddress inetAddress) {
        JMXConnector newJMXConnector;
        Jsr160ConnectionWrapper jsr160ConnectionWrapper = null;
        JMXServiceURL jMXServiceURL = null;
        String keyedString = ParameterMap.getKeyedString(map, "factory", "SASL");
        int keyedInteger = ParameterMap.getKeyedInteger(map, "port", 11162);
        String keyedString2 = ParameterMap.getKeyedString(map, "protocol", "jmxmp");
        String keyedString3 = ParameterMap.getKeyedString(map, "urlPath", "");
        String keyedString4 = ParameterMap.getKeyedString(map, "sunCacao", "false");
        log.debug("JMX: " + keyedString + " - service:" + keyedString2 + "//" + inetAddress.getHostAddress() + ":" + keyedInteger + keyedString3);
        if (keyedString.equals("SASL")) {
            try {
                String keyedString5 = ParameterMap.getKeyedString(map, "username", null);
                String keyedString6 = ParameterMap.getKeyedString(map, "password", null);
                HashMap hashMap = new HashMap();
                while (true) {
                    try {
                        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                        trustManagerFactory.init(keyStore);
                        AnyServerX509TrustManager anyServerX509TrustManager = new AnyServerX509TrustManager();
                        SSLContext sSLContext = SSLContext.getInstance("TLSv1");
                        sSLContext.init(null, new TrustManager[]{anyServerX509TrustManager}, null);
                        hashMap.put("jmx.remote.tls.socket.factory", sSLContext.getSocketFactory());
                        Security.addProvider(new Provider());
                        String[] strArr = keyedString4.equals("true") ? new String[]{"com.sun.cacao.user\u0001" + keyedString5, keyedString6} : new String[]{keyedString5, keyedString6};
                        hashMap.put("jmx.remote.profiles", "TLS SASL/PLAIN");
                        hashMap.put("jmx.remote.credentials", strArr);
                        jMXServiceURL = new JMXServiceURL(keyedString2, inetAddress.getHostAddress(), keyedInteger, keyedString3);
                        newJMXConnector = JMXConnectorFactory.newJMXConnector(jMXServiceURL, (Map) null);
                        try {
                            newJMXConnector.connect(hashMap);
                            break;
                        } catch (SecurityException e) {
                            log.error("Security exception: bad credentials");
                            throw e;
                        } catch (SSLException e2) {
                        }
                    } catch (Exception e3) {
                        log.error("Something bad occured: " + e3.getMessage());
                        throw e3;
                    }
                }
                jsr160ConnectionWrapper = new Jsr160ConnectionWrapper(newJMXConnector, newJMXConnector.getMBeanServerConnection());
            } catch (Exception e4) {
                log.error("Unable to get MBeanServerConnection: " + jMXServiceURL);
            }
        }
        return jsr160ConnectionWrapper;
    }
}
