package net.unimus.core.service.connection.ssh;

import com.jcraft.jsch.ChannelShell;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.JSchException;
import com.jcraft.jsch.JSchSessionDisconnectException;
import com.jcraft.jsch.Session;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.UnknownHostException;
import java.util.Collections;
import java.util.concurrent.ExecutorService;
import javax.annotation.Nullable;
import lombok.NonNull;
import net.sf.expectit.Result;
import net.sf.expectit.matcher.Matcher;
import net.sf.expectit.matcher.Matchers;
import net.unimus.core.SshProperties;
import net.unimus.core.cli.login.results.CliLoginResult;
import net.unimus.core.cli.login.states.States;
import net.unimus.core.service.connection.AbstractCliConnection;
import net.unimus.core.service.connection.CliConnectionManager;
import net.unimus.core.service.connection.CliProperties;
import net.unimus.core.service.connection.DeviceOutputCollector;
import net.unimus.core.service.connection.cache.CliCachingPolicy;
import net.unimus.core.service.connection.exceptions.PasswordChangeRequestedException;
import net.unimus.core.service.connection.result.ConnectAndAuthenticateResult;
import net.unimus.core.service.new_connection.ssh.SshLifecycleManager;
import net.unimus.core.service.new_connection.ssh.SshSessionConfigurator;
import net.unimus.core.service.new_connection.ssh.SshSessionLifecycleMonitor;
import org.apache.juli.JdkLoggerFormatter;
import software.netcore.core_api.data.Credential;
import software.netcore.core_api.operation.discovery.data.AuthenticationError;
import software.netcore.core_api.operation.discovery.data.ConnectionError;
import software.netcore.core_api.shared.AuthMethod;
import software.netcore.core_api.shared.ConnectorType;

/* loaded from: input_file:BOOT-INF/lib/core-3.30.0-STAGE.jar:net/unimus/core/service/connection/ssh/AbstractSshConnection.class */
abstract class AbstractSshConnection extends AbstractCliConnection {
    protected static final Matcher<Result> SSH_VERSION_MATCHER = Matchers.regexp("(?m)^SSH-.+");
    private static final String SSH_VERSION = "SSH-2.0-UNIMUS";
    private static final String PREFERRED_AUTH_METHODS_CONFIG_KEY = "PreferredAuthentications";

    @NonNull
    protected final SshProperties sshProperties;
    protected Session sshSession;
    protected ChannelShell shell;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSshConnection(@NonNull String str, int i, @NonNull CliConnectionManager cliConnectionManager, @NonNull CliProperties cliProperties, @NonNull SshProperties sshProperties, @NonNull CliCachingPolicy cliCachingPolicy, @Nullable ExecutorService executorService, @Nullable DeviceOutputCollector deviceOutputCollector) {
        super(str, i, cliConnectionManager, cliProperties, cliCachingPolicy, executorService, deviceOutputCollector);
        if (str == null) {
            throw new NullPointerException("address is marked non-null but is null");
        }
        if (cliConnectionManager == null) {
            throw new NullPointerException("connectionManager is marked non-null but is null");
        }
        if (cliProperties == null) {
            throw new NullPointerException("cliProperties is marked non-null but is null");
        }
        if (sshProperties == null) {
            throw new NullPointerException("sshProperties is marked non-null but is null");
        }
        if (cliCachingPolicy == null) {
            throw new NullPointerException("cachingPolicy is marked non-null but is null");
        }
        this.sshProperties = sshProperties;
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public ConnectorType getType() {
        return ConnectorType.SSH;
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public ConnectAndAuthenticateResult connectAndAuthenticate(Credential credential) throws InterruptedException {
        if (this.deviceCli != null) {
            disconnect();
            throw new IllegalStateException("This connection was already connected");
        }
        ConnectAndAuthenticateResult connect = connect(credential);
        return (connect.connectionSuccessful() && connect.getAuthenticationError() == null) ? connect.getLoginResult() != null ? connect : authenticate(credential) : connect;
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public String getServerIdentificationString() {
        if (this.sshSession != null) {
            return this.sshSession.getServerVersion();
        }
        throw new IllegalStateException("SSH session not connected");
    }

    @Override // net.unimus.core.service.connection.AbstractCliConnection
    protected String getCommandSubmissionSequence() {
        return "\r";
    }

    protected abstract ConnectAndAuthenticateResult connect(Credential credential) throws InterruptedException;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.unimus.core.service.connection.AbstractCliConnection
    public void disconnectProtocol() {
        if (this.shell == null && this.sshSession == null) {
            return;
        }
        decorateSessionDataOutput("disconnect - channel & session");
        if (this.shell != null) {
            this.log.trace("Closing SSH shell channel");
            this.shell.disconnect();
            this.shell = null;
        }
        if (this.sshSession != null) {
            this.log.trace("Closing SSH session");
            this.sshSession.disconnect();
            this.sshSession = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Finally extract failed */
    public ConnectAndAuthenticateResult connectSsh(JSch jSch, Credential credential) {
        int connectTimeout = this.cliProperties.getConnectTimeout();
        int expectTimeout = this.cliProperties.getExpectTimeout();
        SshSessionConfigurator.configure(this.sshSession, this.sshProperties);
        if (credential.getAuthMethod() == AuthMethod.SSH_KEY) {
            try {
                jSch.addIdentity("", credential.getSshKey().getBytes(), null, null);
                this.sshSession.setConfig(PREFERRED_AUTH_METHODS_CONFIG_KEY, "publickey");
            } catch (JSchException e) {
                this.sshSession = null;
                this.log.debug("Failed to use SSH key on '{}:{}', '{}', '{}'", this.address, Integer.valueOf(this.port), e.getClass().getSimpleName(), e.getMessage());
                return ConnectAndAuthenticateResult.builder().authenticationError(AuthenticationError.CREDENTIAL_FORMAT_INVALID_ERROR).build();
            }
        } else {
            if (credential.getAuthMethod() != AuthMethod.PASSWORD) {
                this.sshSession = null;
                throw new IllegalArgumentException("SSH Authentication method '" + credential.getAuthMethod() + "' not supported");
            }
            this.sshSession.setPassword(credential.getPassword());
            this.sshSession.setConfig(PREFERRED_AUTH_METHODS_CONFIG_KEY, this.sshProperties.getPreferredPasswordAuthenticationMethods());
        }
        this.sshSession.setClientVersion("SSH-2.0-UNIMUS");
        SshSessionLifecycleMonitor initialize = SshSessionLifecycleMonitor.initialize();
        SshLifecycleManager.getInstance().addSessionMonitor(this.sshSession, initialize);
        try {
            try {
                try {
                    decorateSessionDataOutput("connect - session");
                    this.sshSession.connect(connectTimeout);
                    SshLifecycleManager.getInstance().removeSessionMonitor(this.sshSession);
                    if (0 != 0) {
                        disconnect();
                    }
                    initialize.startConnection();
                    try {
                        try {
                            this.shell = (ChannelShell) this.sshSession.openChannel("shell");
                            if (0 != 0) {
                                disconnect();
                            }
                            if (this.shell == null) {
                                disconnect();
                                return ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.INTERNAL_ERROR).build();
                            }
                            this.shell.setTerminalMode(new byte[]{53, 0, 0, 0, 1, 0});
                            this.shell.setPtyType(this.cliProperties.getCliTerminalType(), this.cliProperties.getCliTerminalWidth(), this.cliProperties.getCliTerminalHeight(), JdkLoggerFormatter.LOG_LEVEL_INFO, 600);
                            try {
                                try {
                                    OutputStream outputStream = this.shell.getOutputStream();
                                    InputStream inputStream = this.shell.getInputStream();
                                    InputStream extInputStream = this.shell.getExtInputStream();
                                    if (0 != 0) {
                                        disconnect();
                                    }
                                    try {
                                        try {
                                            decorateSessionDataOutput("connect - shell channel");
                                            this.shell.connect();
                                            if (0 != 0) {
                                                disconnect();
                                            }
                                            try {
                                                try {
                                                    buildDeviceCli(expectTimeout, outputStream, inputStream, extInputStream);
                                                    if (0 != 0) {
                                                        disconnect();
                                                    }
                                                    return ConnectAndAuthenticateResult.builder().build();
                                                } catch (IOException e2) {
                                                    this.log.debug("Failed to build device cli.", (Throwable) e2);
                                                    ConnectAndAuthenticateResult build = ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.CONNECTION_ERROR).build();
                                                    if (1 != 0) {
                                                        disconnect();
                                                    }
                                                    return build;
                                                } catch (Exception e3) {
                                                    throw e3;
                                                }
                                            } finally {
                                                if (0 != 0) {
                                                    disconnect();
                                                }
                                            }
                                        } finally {
                                            if (0 != 0) {
                                                disconnect();
                                            }
                                        }
                                    } catch (JSchException e4) {
                                        this.log.debug("Failed to connect SSH shell channel", (Throwable) e4);
                                        ConnectAndAuthenticateResult build2 = ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.CONNECTION_ERROR).build();
                                        if (1 != 0) {
                                            disconnect();
                                        }
                                        return build2;
                                    } catch (Exception e5) {
                                        throw e5;
                                    }
                                } finally {
                                    if (0 != 0) {
                                        disconnect();
                                    }
                                }
                            } catch (IOException e6) {
                                this.log.debug("Could not get IO streams.", (Throwable) e6);
                                ConnectAndAuthenticateResult build3 = ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.INTERNAL_ERROR).build();
                                if (1 != 0) {
                                    disconnect();
                                }
                                return build3;
                            } catch (Exception e7) {
                                throw e7;
                            }
                        } finally {
                            if (0 != 0) {
                                disconnect();
                            }
                        }
                    } catch (JSchException e8) {
                        this.log.debug("Failed to open shell channel.", (Throwable) e8);
                        ConnectAndAuthenticateResult build4 = ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.INTERNAL_ERROR).build();
                        if (1 != 0) {
                            disconnect();
                        }
                        return build4;
                    } catch (Exception e9) {
                        throw e9;
                    }
                } catch (JSchException e10) {
                    String lowerCase = e10.getMessage().toLowerCase();
                    if (lowerCase.contains("auth fail") || lowerCase.contains("auth cancel") || lowerCase.contains("too many authentication failures") || ((e10 instanceof JSchSessionDisconnectException) && initialize.getCurrentState() == SshSessionLifecycleMonitor.ProtocolState.AUTHENTICATION)) {
                        this.log.debug("Failed to connect SSH session to '{}':'{}' - auth failed, invalid credentials", this.address, Integer.valueOf(this.port));
                        ConnectAndAuthenticateResult build5 = ConnectAndAuthenticateResult.builder().loginResult(new CliLoginResult(Collections.singletonList(States.AUTH_FAILED), "")).build();
                        SshLifecycleManager.getInstance().removeSessionMonitor(this.sshSession);
                        if (1 != 0) {
                            disconnect();
                        }
                        return build5;
                    }
                    if (lowerCase.equals("algorithm negotiation fail")) {
                        this.log.debug("Failed to connect SSH session to '{}':'{}' - unsupported SSH algorithm", this.address, Integer.valueOf(this.port));
                        ConnectAndAuthenticateResult build6 = ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.UNSUPPORTED_ALGORITHM).build();
                        SshLifecycleManager.getInstance().removeSessionMonitor(this.sshSession);
                        if (1 != 0) {
                            disconnect();
                        }
                        return build6;
                    }
                    if (e10.getCause() instanceof UnknownHostException) {
                        this.log.debug("Failed to connect SSH session to '{}':'{}' - unable to resolve hostname to a valid IP address", this.address, Integer.valueOf(this.port));
                        ConnectAndAuthenticateResult build7 = ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.UNKNOWN_HOSTNAME).build();
                        SshLifecycleManager.getInstance().removeSessionMonitor(this.sshSession);
                        if (1 != 0) {
                            disconnect();
                        }
                        return build7;
                    }
                    if (e10 instanceof PasswordChangeRequestedException) {
                        this.log.debug("Failed to connect SSH session to '{}':'{}' - device requested password change, cancelling auth", this.address, Integer.valueOf(this.port));
                        ConnectAndAuthenticateResult build8 = ConnectAndAuthenticateResult.builder().authenticationError(AuthenticationError.REQUESTED_PASSWORD_CHANGE).build();
                        SshLifecycleManager.getInstance().removeSessionMonitor(this.sshSession);
                        if (1 != 0) {
                            disconnect();
                        }
                        return build8;
                    }
                    this.log.debug("Failed to connect SSH session to '{}':'{}' - failed to connect SSH session", this.address, Integer.valueOf(this.port), e10);
                    ConnectAndAuthenticateResult build9 = ConnectAndAuthenticateResult.builder().connectionError(ConnectionError.CONNECTION_ERROR).build();
                    SshLifecycleManager.getInstance().removeSessionMonitor(this.sshSession);
                    if (1 != 0) {
                        disconnect();
                    }
                    return build9;
                }
            } catch (Exception e11) {
                throw e11;
            }
        } catch (Throwable th) {
            SshLifecycleManager.getInstance().removeSessionMonitor(this.sshSession);
            throw th;
        }
    }
}
