package com.atlassian.bamboo.plugins.ssh;

import com.atlassian.bamboo.executor.RetryingTaskExecutor;
import com.atlassian.bamboo.security.TrustedKey;
import com.atlassian.bamboo.ssh.ProxyConnectionData;
import com.atlassian.bamboo.ssh.ProxyConnectionDataProvider;
import com.atlassian.bamboo.ssh.UntrustedKeyException;
import com.atlassian.bamboo.utils.RecentLazyReference;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import io.atlassian.util.concurrent.ThreadFactories;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.time.Duration;
import java.util.EnumSet;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;
import org.apache.commons.lang3.SystemUtils;
import org.apache.log4j.Logger;
import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.channel.ChannelExec;
import org.apache.sshd.client.channel.ClientChannelEvent;
import org.apache.sshd.client.future.AuthFuture;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.client.future.OpenFuture;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.future.CloseFuture;
import org.apache.sshd.common.session.ConnectionService;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.server.Command;
import org.apache.sshd.server.Environment;
import org.apache.sshd.server.ExitCallback;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/bamboo/plugins/ssh/SshProxyCommand.class */
public class SshProxyCommand implements Command {
    private static final int SSH_CONNECTION_RETRIES = 4;
    public static final String BAMBOO_UNTRUSTED_KEY = "bamboo_untrusted_key";
    private final String command;
    private final ProxyConnectionDataProvider proxyConnectionDataProvider;
    private OutputStream outputStream;
    private InputStream inputStream;
    private OutputStream errorStream;
    private ExitCallback exitCallback;
    private SshClient client;
    private ClientSession session;
    private ProxyConnectionData connectionData;
    private ChannelExec channel;
    private static final Logger log = Logger.getLogger(SshProxyCommand.class);
    private static final Duration INITIAL_SSH_RETRY_DELAY = Duration.ofSeconds(1);
    private static final ExecutorService threadPool = Executors.newCachedThreadPool(ThreadFactories.namedThreadFactory("SSH connection monitoring thread"));
    private static final Supplier<SshConfig> recentSshConfig = new RecentLazyReference<SshConfig>(60, TimeUnit.SECONDS) { // from class: com.atlassian.bamboo.plugins.ssh.SshProxyCommand.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* renamed from: createInstance, reason: merged with bridge method [inline-methods] */
        public SshConfig m24createInstance() throws Exception {
            return SshConfig.getDefaultSshConfig();
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.atlassian.bamboo.plugins.ssh.SshProxyCommand$4, reason: invalid class name */
    /* loaded from: input_file:com/atlassian/bamboo/plugins/ssh/SshProxyCommand$4.class */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$sshd$common$session$Session$TimeoutStatus = new int[Session.TimeoutStatus.values().length];

        static {
            try {
                $SwitchMap$org$apache$sshd$common$session$Session$TimeoutStatus[Session.TimeoutStatus.AuthTimeout.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$sshd$common$session$Session$TimeoutStatus[Session.TimeoutStatus.IdleTimeout.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public SshProxyCommand(SshClient sshClient, ProxyConnectionDataProvider proxyConnectionDataProvider, String str) {
        this.client = sshClient;
        this.command = str;
        this.proxyConnectionDataProvider = proxyConnectionDataProvider;
    }

    public void setInputStream(InputStream inputStream) {
        this.inputStream = inputStream;
    }

    public void setOutputStream(OutputStream outputStream) {
        this.outputStream = outputStream;
    }

    public void setErrorStream(OutputStream outputStream) {
        this.errorStream = outputStream;
    }

    public void setExitCallback(ExitCallback exitCallback) {
        this.exitCallback = exitCallback;
    }

    @VisibleForTesting
    public boolean isChannelClosed() {
        return this.channel.isClosed();
    }

    public void start(Environment environment) throws IOException {
        log.debug("Start called: " + environment.getEnv().toString());
        String str = (String) environment.getEnv().get("USER");
        if (str == null) {
            String str2 = "Expected USER to be set: " + environment.getEnv().toString();
            log.error(str2);
            writeToErrorStream(str2);
            this.exitCallback.onExit(255);
            return;
        }
        ProxyConnectionData connectionData = this.proxyConnectionDataProvider.getConnectionData(str);
        if (connectionData != null) {
            this.connectionData = recentSshConfig.get().apply(connectionData, SystemUtils.USER_NAME);
            threadPool.submit(() -> {
                log.debug("Monitoring " + str);
                Callable<Object> callable = new Callable<Object>() { // from class: com.atlassian.bamboo.plugins.ssh.SshProxyCommand.2
                    @Override // java.util.concurrent.Callable
                    @Nullable
                    public Object call() throws Exception {
                        SshProxyCommand.this.startRemoteConnection();
                        SshProxyCommand.this.connectSession();
                        return null;
                    }
                };
                try {
                    String str3 = "Connecting to " + this.connectionData;
                    Duration duration = INITIAL_SSH_RETRY_DELAY;
                    Class<IllegalStateException> cls = IllegalStateException.class;
                    IllegalStateException.class.getClass();
                    RetryingTaskExecutor.retry(str3, SSH_CONNECTION_RETRIES, duration, callable, (v1) -> {
                        return r4.isInstance(v1);
                    });
                } catch (Exception e) {
                    finishWithError("Error while opening SSH session", e);
                }
            });
        } else {
            String str3 = "Cannot map user to connection data: " + str;
            log.error(str3);
            writeToErrorStream(str3);
            this.exitCallback.onExit(255);
        }
    }

    public void destroy() {
        log.debug("Destroy called");
        threadPool.submit(() -> {
            Thread.currentThread().setName("Connection killer");
            closeSession();
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void startRemoteConnection() {
        log.debug("Connecting client");
        try {
            ConnectFuture connect = this.client.connect(this.connectionData.getRemoteUserName(), this.connectionData.getRemoteAddress());
            connect.awaitUninterruptibly();
            this.session = connect.getSession();
            if (connect.isConnected()) {
                return;
            }
            finishWithError("Can't connect session, connectFuture is not connected...", connect.getException());
        } catch (Exception e) {
            finishWithError("Remote connection failed", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void connectSession() {
        AuthFuture auth;
        if (this.session == null) {
            return;
        }
        try {
            KeyPair keyPair = this.connectionData.getKeyPair();
            if (keyPair == null) {
                String remotePassword = this.connectionData.getRemotePassword();
                Preconditions.checkNotNull(remotePassword, "neither the key pair nor the password is set");
                log.debug("Authenticating user [" + this.connectionData.getRemoteUserName() + "] using a password");
                this.session.addPasswordIdentity(remotePassword);
                auth = this.session.auth();
            } else {
                log.debug("Authenticating user [" + this.connectionData.getRemoteUserName() + "] using a key pair");
                this.session.addPublicKeyIdentity(keyPair);
                auth = this.session.auth();
            }
            auth.awaitUninterruptibly();
            if (auth.isSuccess()) {
                createExecChannel();
            } else if (this.session.getMetadataMap().containsKey(BAMBOO_UNTRUSTED_KEY)) {
                finishWithError("Host key not trusted by Bamboo", new UntrustedKeyException("Host key verification failed", (TrustedKey) this.session.getMetadataMap().get(BAMBOO_UNTRUSTED_KEY)));
            } else {
                finishWithError("Authenticating remote session failed", auth.getException());
            }
        } catch (IOException e) {
            finishWithError("I/O exception during authentication of the remote session", e);
        }
    }

    private void createExecChannel() {
        log.debug("Creating exec channel");
        try {
            this.channel = new ChannelExec(mapPaths(this.command)) { // from class: com.atlassian.bamboo.plugins.ssh.SshProxyCommand.3
                /* JADX WARN: Code restructure failed: missing block: B:10:0x004a, code lost:
                
                    sendEof();
                 */
                /*
                    Code decompiled incorrectly, please refer to instructions dump.
                    To view partially-correct add '--show-bad-code' argument
                */
                protected void pumpInputStream() {
                    /*
                        r6 = this;
                        r0 = r6
                        org.apache.sshd.common.channel.Window r0 = r0.getRemoteWindow()     // Catch: java.lang.Exception -> L57
                        long r0 = r0.getPacketSize()     // Catch: java.lang.Exception -> L57
                        int r0 = java.lang.Math.toIntExact(r0)     // Catch: java.lang.Exception -> L57
                        byte[] r0 = new byte[r0]     // Catch: java.lang.Exception -> L57
                        r7 = r0
                    Ld:
                        r0 = r6
                        org.apache.sshd.common.future.CloseFuture r0 = r0.closeFuture     // Catch: java.lang.Exception -> L57
                        boolean r0 = r0.isClosed()     // Catch: java.lang.Exception -> L57
                        if (r0 != 0) goto L54
                        r0 = r6
                        r1 = r6
                        java.io.InputStream r1 = r1.in     // Catch: java.lang.Exception -> L57
                        r2 = r7
                        r3 = 0
                        r4 = r7
                        int r4 = r4.length     // Catch: java.lang.Exception -> L57
                        int r0 = r0.securedRead(r1, r2, r3, r4)     // Catch: java.lang.Exception -> L57
                        r8 = r0
                        r0 = r6
                        com.atlassian.bamboo.plugins.ssh.SshProxyCommand r0 = com.atlassian.bamboo.plugins.ssh.SshProxyCommand.this     // Catch: java.lang.Exception -> L57
                        org.apache.sshd.client.session.ClientSession r0 = com.atlassian.bamboo.plugins.ssh.SshProxyCommand.access$000(r0)     // Catch: java.lang.Exception -> L57
                        r0.resetIdleTimeout()     // Catch: java.lang.Exception -> L57
                        r0 = r8
                        if (r0 <= 0) goto L4a
                        r0 = r6
                        java.io.OutputStream r0 = r0.invertedIn     // Catch: java.lang.Exception -> L57
                        r1 = r7
                        r2 = 0
                        r3 = r8
                        r0.write(r1, r2, r3)     // Catch: java.lang.Exception -> L57
                        r0 = r6
                        java.io.OutputStream r0 = r0.invertedIn     // Catch: java.lang.Exception -> L57
                        r0.flush()     // Catch: java.lang.Exception -> L57
                        goto L51
                    L4a:
                        r0 = r6
                        r0.sendEof()     // Catch: java.lang.Exception -> L57
                        goto L54
                    L51:
                        goto Ld
                    L54:
                        goto L74
                    L57:
                        r7 = move-exception
                        r0 = r6
                        java.util.concurrent.atomic.AtomicReference r0 = r0.state
                        java.lang.Object r0 = r0.get()
                        org.apache.sshd.common.util.closeable.AbstractCloseable$State r1 = org.apache.sshd.common.util.closeable.AbstractCloseable.State.Opened
                        if (r0 != r1) goto L74
                        org.apache.log4j.Logger r0 = com.atlassian.bamboo.plugins.ssh.SshProxyCommand.access$100()
                        java.lang.String r1 = "Caught exception"
                        r2 = r7
                        r0.info(r1, r2)
                        r0 = r6
                        r1 = 0
                        org.apache.sshd.common.future.CloseFuture r0 = r0.close(r1)
                    L74:
                        return
                    */
                    throw new UnsupportedOperationException("Method not decompiled: com.atlassian.bamboo.plugins.ssh.SshProxyCommand.AnonymousClass3.pumpInputStream():void");
                }

                public CloseFuture close(boolean z) {
                    switch (AnonymousClass4.$SwitchMap$org$apache$sshd$common$session$Session$TimeoutStatus[SshProxyCommand.this.session.getTimeoutStatus().ordinal()]) {
                        case 1:
                            SshProxyCommand.this.finishWithError(String.format("Session has timed out waiting for authentication after %d ms.", Long.valueOf(SshProxyCommand.this.session.getAuthTimeout())));
                            break;
                        case 2:
                            SshProxyCommand.this.finishWithError(String.format("User session has timed out idling after %d ms.", Long.valueOf(SshProxyCommand.this.session.getIdleTimeout())));
                            break;
                    }
                    return super.close(z);
                }
            };
            this.session.getService(ConnectionService.class).registerChannel(this.channel);
            this.channel.setIn(this.inputStream);
            this.channel.setErr(this.errorStream);
            this.channel.setOut(this.outputStream);
            try {
                OpenFuture open = this.channel.open();
                open.awaitUninterruptibly();
                if (!open.isOpened()) {
                    finishWithError("Error opening exec channel", open.getException());
                    return;
                }
                log.debug("Session wait: " + this.channel.waitFor(EnumSet.of(ClientChannelEvent.CLOSED, ClientChannelEvent.TIMEOUT), 0L));
                finishCleanly();
            } catch (Exception e) {
                finishWithError("Error opening exec channel", e);
            }
        } catch (Exception e2) {
            finishWithError("Error creating exec channel", e2);
        }
    }

    private String mapPaths(String str) {
        if (this.connectionData.getMapPathFrom() == null) {
            return str;
        }
        String str2 = "'" + this.connectionData.getMapPathFrom() + "'";
        String str3 = "'" + this.connectionData.getMapPathTo() + "'";
        String replaceAll = str.replaceAll(str2, str3);
        if (!replaceAll.equals(str)) {
            log.debug("Replaced paths from: " + str + " to " + replaceAll);
        } else if (str.contains(str3)) {
            log.info("Already replaced " + str);
        } else {
            log.warn("Did not replace anything in " + str);
        }
        return replaceAll;
    }

    synchronized void closeSession() {
        log.debug("Closing session");
        if (this.session != null) {
            this.session.close(true);
            this.session = null;
        }
    }

    private void finishCleanly() {
        log.debug("Connection finished");
        closeSession();
        this.exitCallback.onExit(0);
    }

    private void finishWithError(String str, Throwable th) {
        this.connectionData.reportProxyError(str, th);
        StringBuilder append = new StringBuilder("SSH proxy tried to connect to [").append(this.connectionData.getRemoteUserName()).append("@").append(this.connectionData.getRemoteAddress()).append("]: and failed due to the following error: [").append(str).append(']');
        if (th == null) {
            append.append(" no exception reported");
        }
        String sb = append.toString();
        log.debug(sb, th);
        finishWithError(th == null ? sb : append.append(": ").append(th.getMessage()).toString());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void finishWithError(String str) {
        writeToErrorStream(str);
        this.exitCallback.onExit(255);
        closeSession();
    }

    private void writeToErrorStream(String str) {
        try {
            this.errorStream.write(("BAMBOO-SSH-PROXY: [" + str + "]\n").getBytes(StandardCharsets.UTF_8));
            this.errorStream.flush();
        } catch (IOException e) {
            log.warn("Cannot write error message to the client", e);
        }
    }
}
