package com.sun.enterprise.v3.admin;

import com.sun.enterprise.config.serverbeans.Config;
import com.sun.enterprise.config.serverbeans.Domain;
import com.sun.enterprise.config.serverbeans.IiopListener;
import com.sun.enterprise.config.serverbeans.IiopService;
import com.sun.enterprise.config.serverbeans.SslClientConfig;
import com.sun.enterprise.util.LocalStringManagerImpl;
import com.sun.grizzly.config.dom.NetworkListener;
import com.sun.grizzly.config.dom.Protocol;
import com.sun.grizzly.config.dom.Protocols;
import com.sun.grizzly.config.dom.Ssl;
import java.beans.PropertyVetoException;
import org.glassfish.api.ActionReport;
import org.glassfish.api.I18n;
import org.glassfish.api.Param;
import org.glassfish.api.admin.AdminCommand;
import org.glassfish.api.admin.AdminCommandContext;
import org.glassfish.api.admin.Cluster;
import org.glassfish.api.admin.RuntimeType;
import org.glassfish.config.support.CommandTarget;
import org.glassfish.config.support.TargetType;
import org.glassfish.internal.api.Target;
import org.jvnet.hk2.annotations.Inject;
import org.jvnet.hk2.annotations.Scoped;
import org.jvnet.hk2.annotations.Service;
import org.jvnet.hk2.component.Habitat;
import org.jvnet.hk2.component.PerLookup;
import org.jvnet.hk2.config.ConfigBeanProxy;
import org.jvnet.hk2.config.ConfigSupport;
import org.jvnet.hk2.config.SingleConfigCode;
import org.jvnet.hk2.config.TransactionFailure;

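/**
 * Admin command {@code create-ssl}: adds an {@code ssl} element to the protocol of a
 * network/HTTP listener, to an IIOP listener, or to the IIOP service's SSL client configuration.
 *
 * <p>Security note: as declared on the fields below, {@code ssl2enabled} and {@code ssl3enabled}
 * default to {@code "true"}, so an invocation that does not override them stores a configuration
 * with SSLv2 and SSLv3 marked as enabled. Both protocol versions are obsolete (RFC 6176,
 * RFC 7568). The defaults are part of the command's interface and are deliberately left
 * unchanged here; callers should pass {@code ssl2enabled=false} and {@code ssl3enabled=false}
 * explicitly until the defaults are revisited.
 */
@Service(name = "create-ssl")
@Scoped(PerLookup.class)
@TargetType({CommandTarget.DAS, CommandTarget.STANDALONE_INSTANCE, CommandTarget.CLUSTER, CommandTarget.CONFIG})
@I18n("create.ssl")
@Cluster({RuntimeType.DAS, RuntimeType.INSTANCE})
public class CreateSsl implements AdminCommand {
    private static final LocalStringManagerImpl localStrings = new LocalStringManagerImpl(CreateSsl.class);

    // Value stored as the ssl element's classname by populateSslElement.
    private static final String GF_SSL_IMPL_NAME = "com.sun.enterprise.security.ssl.GlassfishSSLImpl";

    // Stored as the ssl element's cert nickname; not validated in this class.
    @Param(name = "certname")
    String certName;

    // Selects which configuration element receives the ssl child.
    @Param(name = "type", acceptableValues = "network-listener, http-listener, iiop-listener, iiop-service")
    String type;

    // NOTE(security): defaults to enabled; SSLv2 is obsolete (RFC 6176).
    @Param(name = "ssl2enabled", optional = true, defaultValue = "true")
    Boolean ssl2Enabled;

    // Cipher list is copied into the configuration verbatim; no validation happens here.
    @Param(name = "ssl2ciphers", optional = true)
    String ssl2ciphers;

    // NOTE(security): defaults to enabled; SSLv3 is obsolete (RFC 7568).
    @Param(name = "ssl3enabled", optional = true, defaultValue = "true")
    Boolean ssl3Enabled;

    // Cipher list is copied into the configuration verbatim; no validation happens here.
    @Param(name = "ssl3tlsciphers", optional = true)
    String ssl3tlsciphers;

    @Param(name = "tlsenabled", optional = true, defaultValue = "true")
    Boolean tlsenabled;

    @Param(name = "tlsrollbackenabled", optional = true, defaultValue = "true")
    Boolean tlsrollbackenabled;

    @Param(name = "clientauthenabled", optional = true, defaultValue = "true")
    Boolean clientauthenabled;

    @Param(name = "target", optional = true, defaultValue = "server")
    String target;

    // Required for every type except iiop-service (enforced in execute).
    @Param(name = "listener_id", primary = true, optional = true)
    String listenerId;

    @Inject(name = "default-instance-name")
    Config config;

    @Inject
    Domain domain;

    @Inject
    Habitat habitat;

    /**
     * Resolves the configuration for {@code target} and dispatches on {@code type}.
     *
     * <p>If the target lookup yields no configuration, the injected default configuration is
     * used. A {@code type} outside the four handled values leaves the report untouched;
     * presumably the {@code acceptableValues} declaration rejects such input before this
     * method runs (confirm against the command framework).
     *
     * @param adminCommandContext supplies the {@link ActionReport} that receives the outcome
     */
    public void execute(AdminCommandContext adminCommandContext) {
        ActionReport actionReport = adminCommandContext.getActionReport();
        Config targetConfig = ((Target) this.habitat.getComponent(Target.class)).getConfig(this.target);
        if (targetConfig != null) {
            this.config = targetConfig;
        }
        if (!"iiop-service".equals(this.type) && this.listenerId == null) {
            actionReport.setMessage(localStrings.getLocalString("create.ssl.listenerid.missing", "Listener id needs to be specified"));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
        } else if ("http-listener".equals(this.type) || "network-listener".equals(this.type)) {
            addSslToNetworkListener(this.config, actionReport);
        } else if ("iiop-listener".equals(this.type)) {
            addSslToIIOPListener(this.config, actionReport);
        } else if ("iiop-service".equals(this.type)) {
            addSslToIIOPService(this.config, actionReport);
        }
    }

    /**
     * Adds an ssl element to the IIOP listener whose id equals {@code listenerId}.
     *
     * <p>Reports FAILURE when no such listener exists, when it already has an ssl element, or
     * when the configuration transaction fails. If several listeners share the id, the last
     * one in iteration order is used.
     */
    private void addSslToIIOPListener(Config config, ActionReport actionReport) {
        IiopListener match = null;
        for (IiopListener candidate : config.getIiopService().getIiopListener()) {
            if (candidate.getId().equals(this.listenerId)) {
                match = candidate;
            }
        }
        if (match == null) {
            actionReport.setMessage(localStrings.getLocalString("create.ssl.iiop.notfound", "IIOP Listener named {0} to which this ssl element is being added does not exist.", new Object[]{this.listenerId}));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        if (match.getSsl() != null) {
            actionReport.setMessage(localStrings.getLocalString("create.ssl.iiop.alreadyExists", "IIOP Listener named {0} to which this ssl element is being added already has an ssl element.", new Object[]{this.listenerId}));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        try {
            ConfigSupport.apply(new SingleConfigCode<IiopListener>() {
                public Object run(IiopListener writableListener) throws PropertyVetoException, TransactionFailure {
                    Ssl ssl = writableListener.createChild(Ssl.class);
                    populateSslElement(ssl);
                    writableListener.setSsl(ssl);
                    return ssl;
                }
            }, match);
        } catch (TransactionFailure e) {
            reportError(actionReport, e);
            // Stop here: falling through to reportSuccess would overwrite the FAILURE exit code
            // and tell the operator the listener is SSL-configured when nothing was written.
            return;
        }
        reportSuccess(actionReport);
    }

    /**
     * Adds an ssl-client-config element (with a populated ssl child) to the IIOP service.
     *
     * <p>Reports FAILURE when the service already has an SSL client configuration or when the
     * configuration transaction fails; reports SUCCESS otherwise, matching the listener paths.
     */
    private void addSslToIIOPService(Config config, ActionReport actionReport) {
        IiopService iiopService = config.getIiopService();
        if (iiopService.getSslClientConfig() != null) {
            actionReport.setMessage(localStrings.getLocalString("create.ssl.iiopsvc.alreadyExists", "IIOP Service already has been configured with SSL configuration."));
            actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
            return;
        }
        try {
            ConfigSupport.apply(new SingleConfigCode<IiopService>() {
                public Object run(IiopService writableService) throws PropertyVetoException, TransactionFailure {
                    SslClientConfig clientConfig = writableService.createChild(SslClientConfig.class);
                    Ssl ssl = clientConfig.createChild(Ssl.class);
                    populateSslElement(ssl);
                    clientConfig.setSsl(ssl);
                    writableService.setSslClientConfig(clientConfig);
                    return ssl;
                }
            }, iiopService);
        } catch (TransactionFailure e) {
            reportError(actionReport, e);
            return;
        }
        reportSuccess(actionReport);
    }

    /**
     * Adds an ssl element to the HTTP protocol of the network listener named {@code listenerId}.
     *
     * <p>When no such listener exists, a protocol with that name is looked up or created and
     * receives the ssl element instead; the report message says so. Reports FAILURE when the
     * listener's protocol already has an ssl element or when a configuration transaction fails.
     *
     * <p>NOTE(review): on the listener-not-found path a protocol that already exists is not
     * checked for an existing ssl element before {@code setSsl} is called, unlike the listener
     * path. Confirm whether replacing an existing ssl element there is intended.
     */
    private void addSslToNetworkListener(Config config, ActionReport actionReport) {
        NetworkListener networkListener = config.getNetworkConfig().getNetworkListener(this.listenerId);
        try {
            Protocol protocol;
            if (networkListener == null) {
                actionReport.setMessage(localStrings.getLocalString("create.ssl.http.notfound", "Network Listener named {0} does not exist.  Creating or using the named protocol element instead.", new Object[]{this.listenerId}));
                protocol = findOrCreateProtocol(this.listenerId);
            } else {
                protocol = networkListener.findHttpProtocol();
                if (protocol.getSsl() != null) {
                    actionReport.setMessage(localStrings.getLocalString("create.ssl.http.alreadyExists", "Network Listener named {0} to which this ssl element is being added already has an ssl element.", new Object[]{this.listenerId}));
                    actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
                    return;
                }
            }
            ConfigSupport.apply(new SingleConfigCode<Protocol>() {
                public Object run(Protocol writableProtocol) throws TransactionFailure {
                    Ssl ssl = writableProtocol.createChild(Ssl.class);
                    populateSslElement(ssl);
                    writableProtocol.setSsl(ssl);
                    return ssl;
                }
            }, protocol);
        } catch (TransactionFailure e) {
            reportError(actionReport, e);
            // Stop here: falling through to reportSuccess would overwrite the FAILURE exit code
            // and tell the operator the listener is SSL-configured when nothing was written.
            return;
        }
        reportSuccess(actionReport);
    }

    /**
     * Records a failed configuration transaction on the report: message, FAILURE exit code and
     * the causing exception. The message is formatted with {@code listenerId}, which may be
     * {@code null} for the {@code iiop-service} type.
     */
    private void reportError(ActionReport actionReport, TransactionFailure transactionFailure) {
        actionReport.setMessage(localStrings.getLocalString("create.ssl.fail", "Creation of Ssl in {0} failed", new Object[]{this.listenerId}));
        actionReport.setActionExitCode(ActionReport.ExitCode.FAILURE);
        actionReport.setFailureCause(transactionFailure);
    }

    /** Marks the report as successful. */
    private void reportSuccess(ActionReport actionReport) {
        actionReport.setActionExitCode(ActionReport.ExitCode.SUCCESS);
    }

    /**
     * Copies the command parameters onto a newly created ssl element.
     *
     * <p>Called from the anonymous {@code SingleConfigCode} callbacks in this class. Cipher
     * lists and the certificate nickname are written exactly as supplied; the protocol flags
     * are written as the string form of the Boolean parameters, so with the declared defaults
     * SSLv2 and SSLv3 are stored as enabled unless the caller overrides them.
     *
     * @param ssl the writable ssl element to fill in
     */
    public void populateSslElement(Ssl ssl) {
        ssl.setCertNickname(this.certName);
        ssl.setClientAuthEnabled(this.clientauthenabled.toString());
        ssl.setSsl2Ciphers(this.ssl2ciphers);
        ssl.setSsl2Enabled(this.ssl2Enabled.toString());
        ssl.setSsl3Enabled(this.ssl3Enabled.toString());
        ssl.setSsl3TlsCiphers(this.ssl3tlsciphers);
        ssl.setClassname(GF_SSL_IMPL_NAME);
        ssl.setTlsEnabled(this.tlsenabled.toString());
        ssl.setTlsRollbackEnabled(this.tlsrollbackenabled.toString());
    }

    /**
     * Returns the protocol named {@code str} from the current configuration, creating it
     * (with security-enabled set to {@code "true"}) when it does not exist yet.
     *
     * @param str name of the protocol to find or create
     * @return the existing or newly created protocol
     * @throws TransactionFailure if creating the protocol fails
     */
    private Protocol findOrCreateProtocol(final String str) throws TransactionFailure {
        Protocol existing = this.config.getNetworkConfig().findProtocol(str);
        if (existing != null) {
            return existing;
        }
        return (Protocol) ConfigSupport.apply(new SingleConfigCode<Protocols>() {
            public Object run(Protocols protocols) throws TransactionFailure {
                Protocol created = protocols.createChild(Protocol.class);
                created.setName(str);
                created.setSecurityEnabled("true");
                protocols.getProtocol().add(created);
                return created;
            }
        }, (ConfigBeanProxy) this.habitat.getComponent(Protocols.class));
    }
}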
