package com.sun.slamd.example;

import antlr.GrammarAnalyzer;
import com.sun.slamd.common.Constants;
import com.sun.slamd.job.JobClass;
import com.sun.slamd.job.UnableToRunException;
import com.sun.slamd.parameter.BooleanParameter;
import com.sun.slamd.parameter.FileURLParameter;
import com.sun.slamd.parameter.IntegerParameter;
import com.sun.slamd.parameter.InvalidValueException;
import com.sun.slamd.parameter.Parameter;
import com.sun.slamd.parameter.ParameterList;
import com.sun.slamd.parameter.PasswordParameter;
import com.sun.slamd.parameter.PlaceholderParameter;
import com.sun.slamd.parameter.StringParameter;
import com.sun.slamd.stat.IncrementalTracker;
import com.sun.slamd.stat.PeriodicEventTracker;
import com.sun.slamd.stat.RealTimeStatReporter;
import com.sun.slamd.stat.StatTracker;
import com.sun.slamd.stat.TimeTracker;
import java.net.URL;
import java.util.Date;
import java.util.Random;
import netscape.ldap.LDAPAttribute;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPConstraints;
import netscape.ldap.LDAPDN;
import netscape.ldap.LDAPEntry;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPSearchConstraints;
import netscape.ldap.LDAPSearchResults;
import netscape.ldap.LDAPv3;
import netscape.ldap.factory.JSSESocketFactory;

/* JADX WARN: Classes with same name are omitted:
  input_file:118641-01/profiler.nbm:netbeans/modules/profiler/slamd/slamd.war:WEB-INF/classes/com/sun/slamd/example/DigestMD5AuthRateJobClass.class
 */
/* loaded from: input_file:118641-01/profiler.nbm:netbeans/modules/profiler/slamd/slamd_client/classes/com/sun/slamd/example/DigestMD5AuthRateJobClass.class */
public class DigestMD5AuthRateJobClass extends JobClass {
    public static final int MEMBERSHIP_TYPE_NONE = 0;
    public static final int MEMBERSHIP_TYPE_STATIC = 1;
    public static final int MEMBERSHIP_TYPE_DYNAMIC = 2;
    public static final int MEMBERSHIP_TYPE_ROLE = 3;
    public static final String DEFAULT_LOG_ID_ATTR = "uid";
    public static final String ROLE_ATTR = "nsRole";
    public static final String SSL_KEY_STORE_PROPERTY = "javax.net.ssl.keyStore";
    public static final String SSL_KEY_PASSWORD_PROPERTY = "javax.net.ssl.keyStorePassword";
    public static final String SSL_TRUST_STORE_PROPERTY = "javax.net.ssl.trustStore";
    public static final String SSL_TRUST_PASSWORD_PROPERTY = "javax.net.ssl.trustStorePassword";
    public static final String STAT_TRACKER_AUTHENTICATION_ATTEMPTS = "Authentication Attempts";
    public static final String STAT_TRACKER_AUTHENTICATION_TIME = "Authentication Time";
    public static final String STAT_TRACKER_FAILED_AUTHENTICATIONS = "Failed Authentications";
    public static final String STAT_TRACKER_SUCCESSFUL_AUTHENTICATIONS = "Successful Authentications";
    public static final String[] NO_ATTRS = {LDAPv3.NO_ATTRS};
    static boolean blindTrust;
    static boolean ignoreInvalidCredentials;
    static boolean useDataFile;
    static boolean useLoginIDRange;
    static boolean useSequential;
    static boolean useSSL;
    static boolean useSharedConnections;
    static int coolDownTime;
    static int directoryPort;
    static int loginIDMax;
    static int loginIDMin;
    static int loginIDSpan;
    static int membershipType;
    static int sequentialCounter;
    static int timeLimit;
    static int warmUpTime;
    static long delay;
    static LDAPConnection sharedAuthConnection;
    static Random parentRandom;
    static String bindDN;
    static String bindPW;
    static String directoryHost;
    static String loginIDAttr;
    static String loginIDFinal;
    static String loginIDInitial;
    static String loginPassword;
    static String membershipDN;
    static String membershipURLBase;
    static String membershipURLFilter;
    static String searchBase;
    static String sslKeyStore;
    static String sslKeyPassword;
    static String sslTrustStore;
    static String sslTrustPassword;
    static String[] loginIDs;
    static String[] loginPasswords;
    BooleanParameter blindTrustParameter = new BooleanParameter("blind_trust", "Blindly Trust Any Certificate", "Indicates whether the client should blindly trust any certificate presented by the server, or whether the key and trust stores should be used.", true);
    BooleanParameter ignoreInvCredParameter = new BooleanParameter("ignore_49", "Ignore Invalid Credentials Errors", "Indicates whether bind failures because of invalid credentials (err=49).  This makes it possible to use this job without actually know user passwords.", false);
    BooleanParameter shareConnsParameter = new BooleanParameter("share_conns", "Share Connections between Threads", "Indicates whether the connections to the directory server will be shared between threads or if each client thread will have its own connections.", true);
    BooleanParameter useSSLParameter = new BooleanParameter("usessl", "Use SSL", "Indicates whether SSL should be used for all communication with the directory server", false);
    FileURLParameter loginDataFileParameter = new FileURLParameter("login_data_file", "Login Data File URL", "The URL (FILE or HTTP) of the file containing the login IDs and passwords to use for the authentication.", (URL) null, false);
    IntegerParameter coolDownParameter = new IntegerParameter("cool_down", "Cool Down Time", "The time in seconds that the job should continue searching after ending statistics collection.", true, 0, true, 0, false, 0);
    IntegerParameter delayParameter = new IntegerParameter("delay", "Time Between Authentications (ms)", "Specifies the length of time in milliseconds each thread should wait between authentication attempts.  Note that this delay will be between the starts of consecutive attempts and not between the end of one attempt and the beginning of the next.  If an authentication takes longer than this length of time, then there will be no delay.", true, 0, true, 0, false, 0);
    IntegerParameter portParameter = new IntegerParameter("ldap_port", "Directory Server Port", "The port number for the directory server.", true, 389, true, 1, true, 65535);
    IntegerParameter timeLimitParameter = new IntegerParameter("time_limit", "Operation Time Limit", "The maximum length of time in seconds that any single LDAP operation will be allowed to take before it is cancelled.", true, 0, true, 0, false, 0);
    IntegerParameter warmUpParameter = new IntegerParameter("warm_up", "Warm Up Time", "The time in seconds that the job should search before beginning statistics collection.", true, 0, true, 0, false, 0);
    PasswordParameter bindPWParameter = new PasswordParameter("bindpw", "Directory Bind Password", "The password to use when binding to the directory server to perform search and modify operations.", false, "");
    PasswordParameter loginPasswordParameter = new PasswordParameter("login_id_pw", "Login Password", "The password to use when authenticating to the directory for user authentications.", false, "");
    PasswordParameter keyPWParameter = new PasswordParameter("sslkeypw", "SSL Key Store Password", "The password for the JSSE key store", false, "");
    PasswordParameter trustPWParameter = new PasswordParameter("ssltrustpw", "SSL Trust Store Password", "The password for the JSSE trust store", false, "");
    PlaceholderParameter placeholder = new PlaceholderParameter();
    StringParameter bindDNParameter = new StringParameter("binddn", "Directory Bind DN", "The DN to use when binding to the directory server to perform search and modify operations.", false, "");
    StringParameter hostParameter = new StringParameter("ldap_host", "Directory Server Address", "The address for the directory server.", true, "");
    StringParameter keyStoreParameter = new StringParameter("sslkeystore", "SSL Key Store", "The path to the JSSE key store to use for an SSL-based connection", false, "");
    StringParameter loginIDParameter = new StringParameter("login_id_attr", "Login ID Attribute", "The attribute to use as the login ID to find the user's entry.", true, "uid");
    StringParameter loginIDValueParameter = new StringParameter("login_id_value", "Login ID Value", "The text to use as the value of the login ID attribute in search filters.  The value may contain a range of numbers in square brackets.", false, "");
    StringParameter membershipDNParameter = new StringParameter("membership_dn", "Membership DN", "The DN of a static group, dynamic group, or role for which to determine whether the user is a member.", false, "");
    StringParameter searchBaseParameter = new StringParameter("search_base", "User Search Base", "The DN in the directory server under which user entries may be found.", true, "");
    StringParameter trustStoreParameter = new StringParameter("ssltruststore", "SSL Trust Store", "The path to the JSSE trust store to use for an SSL-based connection", false, "");
    IncrementalTracker attemptCounter;
    IncrementalTracker failureCounter;
    IncrementalTracker successCounter;
    LDAPConnection authConnection;
    LDAPConnection bindConnection;
    LDAPConstraints authConstraints;
    LDAPConstraints bindConstraints;
    LDAPDigestMD5SocketFactory socketFactory;
    LDAPSearchConstraints authSearchConstraints;
    Random random;
    TimeTracker authTimer;

    @Override // com.sun.slamd.job.JobClass
    public String getJobName() {
        return "LDAP DIGEST-MD5 Auth Rate";
    }

    @Override // com.sun.slamd.job.JobClass
    public String getJobDescription() {
        return "This job performs repeated DIGEST-MD5 authentications against an LDAP directory server, optionally including a lookup to verify that the user is a member of an indicated group or role.";
    }

    @Override // com.sun.slamd.job.JobClass
    public String getJobCategoryName() {
        return "LDAP";
    }

    @Override // com.sun.slamd.job.JobClass
    public ParameterList getParameterStubs() {
        return new ParameterList(new Parameter[]{this.placeholder, this.hostParameter, this.portParameter, this.bindDNParameter, this.bindPWParameter, this.placeholder, this.searchBaseParameter, this.loginDataFileParameter, this.loginIDValueParameter, this.loginPasswordParameter, this.loginIDParameter, this.membershipDNParameter, this.placeholder, this.warmUpParameter, this.coolDownParameter, this.timeLimitParameter, this.delayParameter, this.placeholder, this.useSSLParameter, this.blindTrustParameter, this.keyStoreParameter, this.keyPWParameter, this.trustStoreParameter, this.trustPWParameter, this.ignoreInvCredParameter, this.shareConnsParameter});
    }

    @Override // com.sun.slamd.job.JobClass
    public StatTracker[] getStatTrackerStubs(String str, String str2, int i) {
        return new StatTracker[]{new IncrementalTracker(str, str2, "Authentication Attempts", i), new IncrementalTracker(str, str2, "Successful Authentications", i), new IncrementalTracker(str, str2, "Failed Authentications", i), new TimeTracker(str, str2, "Authentication Time", i)};
    }

    @Override // com.sun.slamd.job.JobClass
    public StatTracker[] getStatTrackers() {
        return new StatTracker[]{this.attemptCounter, this.successCounter, this.failureCounter, this.authTimer};
    }

    @Override // com.sun.slamd.job.JobClass
    public void validateJobInfo(int i, int i2, int i3, Date date, Date date2, int i4, int i5, ParameterList parameterList) throws InvalidValueException {
        FileURLParameter fileURLParameter = parameterList.getFileURLParameter(this.loginDataFileParameter.getName());
        if (fileURLParameter == null || !fileURLParameter.hasValue()) {
            StringParameter stringParameter = parameterList.getStringParameter(this.loginIDValueParameter.getName());
            PasswordParameter passwordParameter = parameterList.getPasswordParameter(this.loginPasswordParameter.getName());
            if (stringParameter == null || !stringParameter.hasValue() || passwordParameter == null || !passwordParameter.hasValue()) {
                throw new InvalidValueException("You must specify either a login data file URL or a login ID value and password");
            }
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:179:0x06ac, code lost:
    
        com.sun.slamd.example.DigestMD5AuthRateJobClass.membershipType = 1;
     */
    @Override // com.sun.slamd.job.JobClass
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void initializeClient(java.lang.String r8, com.sun.slamd.parameter.ParameterList r9) throws com.sun.slamd.job.UnableToRunException {
        /*
            Method dump skipped, instructions count: 1989
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sun.slamd.example.DigestMD5AuthRateJobClass.initializeClient(java.lang.String, com.sun.slamd.parameter.ParameterList):void");
    }

    @Override // com.sun.slamd.job.JobClass
    public void initializeThread(String str, String str2, int i, ParameterList parameterList) throws UnableToRunException {
        this.random = new Random(parentRandom.nextLong());
        if (useSharedConnections) {
            this.authConnection = sharedAuthConnection;
        } else {
            if (!useSSL) {
                this.authConnection = new LDAPConnection();
            } else if (blindTrust) {
                try {
                    this.authConnection = new LDAPConnection(new JSSEBlindTrustSocketFactory());
                } catch (LDAPException e) {
                    throw new UnableToRunException(e.getMessage(), e);
                }
            } else {
                this.authConnection = new LDAPConnection(new JSSESocketFactory(null));
            }
            try {
                this.authConnection.connect(3, directoryHost, directoryPort, bindDN, bindPW);
            } catch (Exception e2) {
                throw new UnableToRunException(new StringBuffer().append("Unable to establish the connections to the directory server:  ").append(e2).toString(), e2);
            }
        }
        try {
            this.socketFactory = new LDAPDigestMD5SocketFactory();
            if (useSSL) {
                if (blindTrust) {
                    try {
                        this.socketFactory.setAdditionalSocketFactory(new JSSEBlindTrustSocketFactory());
                    } catch (LDAPException e3) {
                        throw new UnableToRunException(e3.getMessage(), e3);
                    }
                } else {
                    this.socketFactory.setAdditionalSocketFactory(new JSSESocketFactory(null));
                }
            }
            this.authConstraints = this.authConnection.getConstraints();
            this.authSearchConstraints = this.authConnection.getSearchConstraints();
            this.authConstraints.setTimeLimit(PeriodicEventTracker.ARRAY_SIZE_INCREMENT * timeLimit);
            this.authSearchConstraints.setTimeLimit(PeriodicEventTracker.ARRAY_SIZE_INCREMENT * timeLimit);
            this.authSearchConstraints.setServerTimeLimit(timeLimit);
            this.attemptCounter = new IncrementalTracker(str, str2, "Authentication Attempts", i);
            this.successCounter = new IncrementalTracker(str, str2, "Successful Authentications", i);
            this.failureCounter = new IncrementalTracker(str, str2, "Failed Authentications", i);
            this.authTimer = new TimeTracker(str, str2, "Authentication Time", i);
            RealTimeStatReporter statReporter = getStatReporter();
            if (statReporter != null) {
                String jobID = getJobID();
                this.attemptCounter.enableRealTimeStats(statReporter, jobID);
                this.successCounter.enableRealTimeStats(statReporter, jobID);
                this.failureCounter.enableRealTimeStats(statReporter, jobID);
                this.authTimer.enableRealTimeStats(statReporter, jobID);
            }
        } catch (Exception e4) {
            throw new UnableToRunException(new StringBuffer().append("Could not create DIGEST-MD5 socket factory -- ").append(e4).toString(), e4);
        }
    }

    @Override // com.sun.slamd.job.JobClass
    public void runJob() {
        boolean z = false;
        long currentTimeMillis = System.currentTimeMillis() + (PeriodicEventTracker.ARRAY_SIZE_INCREMENT * warmUpTime);
        long j = Long.MAX_VALUE;
        if (coolDownTime > 0 && getShouldStopTime() > 0) {
            j = getShouldStopTime() - (PeriodicEventTracker.ARRAY_SIZE_INCREMENT * coolDownTime);
        }
        long j2 = 0;
        while (!shouldStop()) {
            long currentTimeMillis2 = System.currentTimeMillis();
            if (!z && currentTimeMillis2 >= currentTimeMillis && currentTimeMillis2 <= j) {
                this.attemptCounter.startTracker();
                this.successCounter.startTracker();
                this.failureCounter.startTracker();
                this.authTimer.startTracker();
                z = true;
            } else if (z && currentTimeMillis2 >= j) {
                this.attemptCounter.stopTracker();
                this.successCounter.stopTracker();
                this.failureCounter.stopTracker();
                this.authTimer.stopTracker();
                z = false;
            }
            if (delay > 0 && j2 > 0) {
                long currentTimeMillis3 = delay - (System.currentTimeMillis() - j2);
                if (currentTimeMillis3 > 0) {
                    try {
                        Thread.sleep(currentTimeMillis3);
                    } catch (InterruptedException e) {
                    }
                    if (shouldStop()) {
                        break;
                    }
                }
            }
            String[] loginInfo = getLoginInfo();
            String str = loginInfo[0];
            String str2 = loginInfo[1];
            if (delay > 0) {
                j2 = System.currentTimeMillis();
            }
            if (z) {
                this.attemptCounter.increment();
                this.authTimer.startTimer();
            }
            LDAPEntry lDAPEntry = null;
            try {
                LDAPSearchResults search = this.authConnection.search(searchBase, 2, new StringBuffer().append("(").append(loginIDAttr).append(Constants.JOB_PARAM_DELIMITER_STRING).append(str).append(")").toString(), (membershipDN == null || membershipType != 3) ? NO_ATTRS : new String[]{"nsRole"}, false, this.authSearchConstraints);
                while (search.hasMoreElements()) {
                    Object nextElement = search.nextElement();
                    if (nextElement instanceof LDAPEntry) {
                        lDAPEntry = (LDAPEntry) nextElement;
                    }
                }
                if (lDAPEntry != null) {
                    try {
                        this.socketFactory.setAuthenticationInfo(new StringBuffer().append("dn:").append(lDAPEntry.getDN()).toString(), str2);
                        this.bindConnection = new LDAPConnection(this.socketFactory);
                        this.bindConnection.connect(directoryHost, directoryPort);
                        this.bindConnection.disconnect();
                    } catch (LDAPException e2) {
                        if (!ignoreInvalidCredentials || e2.getLDAPResultCode() != 49) {
                            if (z) {
                                this.failureCounter.increment();
                                this.authTimer.stopTimer();
                            }
                        }
                    }
                    if (membershipDN != null) {
                        if (isMember(lDAPEntry)) {
                            if (z) {
                                this.successCounter.increment();
                                this.authTimer.stopTimer();
                            }
                        } else if (z) {
                            this.failureCounter.increment();
                            this.authTimer.stopTimer();
                        }
                    } else if (z) {
                        this.successCounter.increment();
                        this.authTimer.stopTimer();
                    }
                } else if (z) {
                    this.failureCounter.increment();
                    this.authTimer.stopTimer();
                }
            } catch (LDAPException e3) {
                if (z) {
                    this.failureCounter.increment();
                    this.authTimer.stopTimer();
                }
            }
        }
        if (z) {
            this.attemptCounter.stopTracker();
            this.successCounter.stopTracker();
            this.failureCounter.stopTracker();
            this.authTimer.stopTracker();
        }
        if (useSharedConnections) {
            return;
        }
        try {
            this.authConnection.disconnect();
        } catch (Exception e4) {
        }
        try {
            this.bindConnection.disconnect();
        } catch (Exception e5) {
        }
    }

    @Override // com.sun.slamd.job.JobClass, java.lang.Thread
    public void destroy() {
        if (this.authConnection != null) {
            try {
                this.authConnection.disconnect();
            } catch (Exception e) {
            }
            this.authConnection = null;
        }
        if (this.bindConnection != null) {
            try {
                this.bindConnection.disconnect();
            } catch (Exception e2) {
            }
            this.bindConnection = null;
        }
    }

    @Override // com.sun.slamd.job.JobClass
    public void finalizeClient() {
        if (useSharedConnections) {
            try {
                sharedAuthConnection.disconnect();
            } catch (Exception e) {
            }
        }
    }

    public boolean isMember(LDAPEntry lDAPEntry) {
        String[] stringValueArray;
        switch (membershipType) {
            case 1:
                String dn = lDAPEntry.getDN();
                try {
                    LDAPSearchResults search = this.authConnection.search(membershipDN, 0, new StringBuffer().append("(|(&(objectclass=groupOfNames)(member=").append(dn).append("))(&(objectClass=groupOfUniqueNames)(uniqueMember=").append(dn).append(")))").toString(), NO_ATTRS, false);
                    while (search.hasMoreElements()) {
                        if (search.nextElement() instanceof LDAPEntry) {
                            return true;
                        }
                    }
                    return false;
                } catch (Exception e) {
                    return false;
                }
            case 2:
                String normalize = LDAPDN.normalize(lDAPEntry.getDN());
                if (!normalize.endsWith(membershipURLBase)) {
                    return false;
                }
                try {
                    LDAPSearchResults search2 = this.authConnection.search(normalize, 0, membershipURLFilter, NO_ATTRS, false);
                    while (search2.hasMoreElements()) {
                        if (search2.nextElement() instanceof LDAPEntry) {
                            return true;
                        }
                    }
                    return false;
                } catch (Exception e2) {
                    return false;
                }
            case 3:
                LDAPAttribute attribute = lDAPEntry.getAttribute("nsRole");
                if (attribute == null || (stringValueArray = attribute.getStringValueArray()) == null || stringValueArray.length == 0) {
                    return false;
                }
                for (String str : stringValueArray) {
                    if (LDAPDN.normalize(str).equals(membershipDN)) {
                        return true;
                    }
                }
                return false;
            default:
                return false;
        }
    }

    public String[] getLoginInfo() {
        int nextInt;
        String[] strArr = new String[2];
        if (useDataFile) {
            int nextInt2 = (this.random.nextInt() & GrammarAnalyzer.NONDETERMINISTIC) % loginIDs.length;
            strArr[0] = loginIDs[nextInt2];
            strArr[1] = loginPasswords[nextInt2];
        } else if (useLoginIDRange) {
            if (useSequential) {
                int i = sequentialCounter;
                sequentialCounter = i + 1;
                nextInt = i;
                if (sequentialCounter > loginIDMax) {
                    sequentialCounter = loginIDMin;
                }
            } else {
                nextInt = ((this.random.nextInt() & GrammarAnalyzer.NONDETERMINISTIC) % loginIDSpan) + loginIDMin;
            }
            strArr[0] = new StringBuffer().append(loginIDInitial).append(nextInt).append(loginIDFinal).toString();
            strArr[1] = loginPassword;
        } else {
            strArr[0] = loginIDInitial;
            strArr[1] = loginPassword;
        }
        return strArr;
    }
}
