package org.globus.cog.abstraction.impl.execution.ssh;

import com.sshtools.common.hosts.AbstractHostKeyVerification;
import com.sshtools.j2ssh.SshClient;
import com.sshtools.j2ssh.authentication.PasswordAuthenticationClient;
import com.sshtools.j2ssh.authentication.PublicKeyAuthenticationClient;
import com.sshtools.j2ssh.configuration.ConfigurationLoader;
import com.sshtools.j2ssh.configuration.SshConnectionProperties;
import com.sshtools.j2ssh.transport.InvalidHostFileException;
import com.sshtools.j2ssh.transport.cipher.SshCipherFactory;
import com.sshtools.j2ssh.transport.hmac.SshHmacFactory;
import com.sshtools.j2ssh.transport.publickey.SshPrivateKey;
import com.sshtools.j2ssh.transport.publickey.SshPrivateKeyFile;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import org.apache.log4j.Logger;
import org.globus.cog.abstraction.impl.common.execution.JobException;
import org.globus.cog.abstraction.impl.common.task.IllegalSpecException;
import org.globus.cog.abstraction.impl.common.task.InvalidSecurityContextException;
import org.globus.cog.abstraction.impl.common.task.InvalidServiceContactException;
import org.globus.cog.abstraction.impl.common.task.TaskSubmissionException;

/* loaded from: input_file:org/globus/cog/abstraction/impl/execution/ssh/Ssh.class */
public class Ssh {
    static Logger logger;
    protected String host;
    protected String username;
    protected String password;
    protected String keyfile;
    protected String passphrase;
    protected String cipher;
    protected String mac;
    protected String fingerprint;
    protected SshClient ssh;
    protected String sshtoolsHome;
    static Class class$org$globus$cog$abstraction$impl$execution$ssh$Ssh;
    protected int port = 22;
    protected String logfile = "ssh.log";
    protected boolean verifyhost = true;
    protected boolean always = false;
    protected boolean output = true;
    protected boolean error = true;

    public void execute() throws IllegalSpecException, InvalidSecurityContextException, InvalidServiceContactException, TaskSubmissionException, JobException {
        try {
            if (this.host == null) {
                throw new InvalidServiceContactException("You must provide a host to connect to.");
            }
            if (this.username == null) {
                throw new InvalidSecurityContextException("You must supply a username for authentication.");
            }
            if (this.password == null && this.keyfile == null) {
                throw new InvalidSecurityContextException("You must supply either a password or keyfile/passphrase to authenticate!");
            }
            if (this.verifyhost && this.fingerprint == null) {
                throw new InvalidSecurityContextException("Public key fingerprint required to verify the host");
            }
            if (System.getProperty("sshtools.home") != null || this.sshtoolsHome == null) {
            }
            if (this.sshtoolsHome != null) {
                System.setProperty("sshtools.home", this.sshtoolsHome);
            }
            logger.debug("Initializing J2SSH");
            if (this.logfile != null) {
                System.setProperty("sshtools.logfile", this.logfile);
            }
            ConfigurationLoader.initialize(false);
            logger.debug(new StringBuffer().append("Creating connection to ").append(this.host).append(":").append(String.valueOf(this.port)).toString());
            if (this.ssh == null) {
                this.ssh = new SshClient();
                SshConnectionProperties sshConnectionProperties = new SshConnectionProperties();
                sshConnectionProperties.setHost(this.host);
                sshConnectionProperties.setPort(this.port);
                sshConnectionProperties.setUsername(this.username);
                if (this.cipher != null) {
                    if (SshCipherFactory.getSupportedCiphers().contains(this.cipher)) {
                        sshConnectionProperties.setPrefSCEncryption(this.cipher);
                        sshConnectionProperties.setPrefCSEncryption(this.cipher);
                    } else {
                        logger.debug(new StringBuffer().append(this.cipher).append(" is not a supported cipher, using default ").append(SshCipherFactory.getDefaultCipher()).toString());
                    }
                }
                if (this.mac != null) {
                    if (SshHmacFactory.getSupportedMacs().contains(this.mac)) {
                        sshConnectionProperties.setPrefCSMac(this.mac);
                        sshConnectionProperties.setPrefSCMac(this.mac);
                    } else {
                        logger.debug(new StringBuffer().append(this.mac).append(" is not a supported mac, using default ").append(SshHmacFactory.getDefaultHmac()).toString());
                    }
                }
                logger.debug("Connecting....");
                this.ssh.connect(sshConnectionProperties, new AbstractHostKeyVerification(this) { // from class: org.globus.cog.abstraction.impl.execution.ssh.Ssh.1
                    private final Ssh this$0;

                    {
                        this.this$0 = this;
                    }

                    public void onUnknownHost(String str, String str2) throws InvalidHostFileException {
                        if (!this.this$0.verifyhost) {
                            allowHost(str, str2, this.this$0.always);
                        } else if (str2.equalsIgnoreCase(this.this$0.fingerprint)) {
                            allowHost(str, str2, this.this$0.always);
                        }
                    }

                    public void onHostKeyMismatch(String str, String str2, String str3) throws InvalidHostFileException {
                        if (!this.this$0.verifyhost) {
                            allowHost(str, str3, this.this$0.always);
                        } else if (str3.equalsIgnoreCase(this.this$0.fingerprint)) {
                            allowHost(str, str3, this.this$0.always);
                        }
                    }

                    public void onDeniedHost(String str) {
                        Ssh.logger.debug("The server host key is denied!");
                    }
                });
                boolean z = false;
                logger.debug(new StringBuffer().append("Authenticating ").append(this.username).toString());
                if (this.keyfile != null) {
                    logger.debug("Performing public key authentication");
                    PublicKeyAuthenticationClient publicKeyAuthenticationClient = new PublicKeyAuthenticationClient();
                    SshPrivateKeyFile parse = SshPrivateKeyFile.parse(new File(this.keyfile));
                    if (parse.isPassphraseProtected() && this.passphrase == null) {
                        throw new InvalidSecurityContextException("Private key file is passphrase protected, please supply a valid passphrase");
                    }
                    SshPrivateKey privateKey = parse.toPrivateKey(this.passphrase);
                    publicKeyAuthenticationClient.setUsername(this.username);
                    publicKeyAuthenticationClient.setKey(privateKey);
                    int authenticate = this.ssh.authenticate(publicKeyAuthenticationClient);
                    if (authenticate == 4) {
                        z = true;
                    } else {
                        if (authenticate != 3) {
                            throw new InvalidSecurityContextException("Public Key Authentication failed");
                        }
                        logger.debug("Public key authentication completed, attempting password authentication");
                    }
                }
                if (this.password != null && !z) {
                    logger.debug("Performing password authentication");
                    PasswordAuthenticationClient passwordAuthenticationClient = new PasswordAuthenticationClient();
                    passwordAuthenticationClient.setUsername(this.username);
                    passwordAuthenticationClient.setPassword(this.password);
                    int authenticate2 = this.ssh.authenticate(passwordAuthenticationClient);
                    if (authenticate2 == 4) {
                        logger.debug("Authentication complete");
                    } else {
                        if (authenticate2 != 3) {
                            throw new InvalidSecurityContextException("Password Authentication failed");
                        }
                        logger.error("Password Authentication succeeded but further authentication required!");
                    }
                }
            }
        } catch (IOException e) {
            logger.debug(e);
            throw new TaskSubmissionException(new StringBuffer().append("SSH Connection failed: ").append(e.getMessage()).toString());
        }
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setPort(int i) {
        this.port = i;
    }

    public void setHost(String str) {
        this.host = str;
    }

    public void setKeyfile(String str) {
        this.keyfile = str;
    }

    public void setPassphrase(String str) {
        this.passphrase = str;
    }

    public void setCipher(String str) {
        this.cipher = str;
    }

    public void setMac(String str) {
        this.mac = str;
    }

    public void setLogfile(String str) {
        this.logfile = str;
    }

    public void setVerifyhost(boolean z) {
        this.verifyhost = z;
    }

    public void setAlways(boolean z) {
        this.always = z;
    }

    public void setSshtoolshome(String str) {
        this.sshtoolsHome = str;
    }

    public boolean getError() {
        return this.error;
    }

    public boolean getOutput() {
        return this.output;
    }

    public void setError(boolean z) {
        this.error = z;
    }

    public void setOutput(boolean z) {
        this.output = z;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        if (class$org$globus$cog$abstraction$impl$execution$ssh$Ssh == null) {
            cls = class$("org.globus.cog.abstraction.impl.execution.ssh.Ssh");
            class$org$globus$cog$abstraction$impl$execution$ssh$Ssh = cls;
        } else {
            cls = class$org$globus$cog$abstraction$impl$execution$ssh$Ssh;
        }
        logger = Logger.getLogger(cls.getName());
        if (System.getProperty("sshtools.home") == null) {
            System.setProperty("sshtools.home", new StringBuffer().append(System.getProperty("user.home")).append(File.separator).append(".globus").toString());
        }
        File file = new File(System.getProperty("sshtools.home"), "conf");
        if (file.exists()) {
            if (!file.isDirectory()) {
                throw new RuntimeException(new StringBuffer().append("Cannot create directory: ").append(file.getAbsolutePath()).append(". A file with that name already exists").toString());
            }
        } else if (!file.mkdirs()) {
            throw new RuntimeException(new StringBuffer().append("Cannot create ").append(file.getAbsolutePath()).append(". Please check if you have a .globus directory").append("in your home directory, and that it is writable").toString());
        }
        File file2 = new File(file, "hosts.xml");
        if (file2.exists()) {
            return;
        }
        try {
            FileWriter fileWriter = new FileWriter(file2);
            fileWriter.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
            fileWriter.write("<HostAuthorizations>\n");
            fileWriter.write("<!-- please consult the j2ssh documentation for details on this file -->\n");
            fileWriter.write("</HostAuthorizations>\n");
            fileWriter.close();
        } catch (IOException e) {
            throw new RuntimeException("Cannot create hosts.xml file. Please check if you have a .globus directoryin your home directory, and that it is writable", e);
        }
    }
}
