package ch.cyberduck.core.sftp;

import ch.cyberduck.core.AuthenticationProvider;
import ch.cyberduck.core.BookmarkNameProvider;
import ch.cyberduck.core.ConnectionCallback;
import ch.cyberduck.core.Credentials;
import ch.cyberduck.core.Host;
import ch.cyberduck.core.HostKeyCallback;
import ch.cyberduck.core.HostPasswordStore;
import ch.cyberduck.core.HostnameConfiguratorFactory;
import ch.cyberduck.core.ListService;
import ch.cyberduck.core.LocaleFactory;
import ch.cyberduck.core.LoginCallback;
import ch.cyberduck.core.PreferencesUseragentProvider;
import ch.cyberduck.core.Session;
import ch.cyberduck.core.TranscriptListener;
import ch.cyberduck.core.cdn.DistributionConfiguration;
import ch.cyberduck.core.cloudfront.CustomOriginCloudFrontDistributionConfiguration;
import ch.cyberduck.core.exception.BackgroundException;
import ch.cyberduck.core.exception.ChecksumException;
import ch.cyberduck.core.exception.ConnectionCanceledException;
import ch.cyberduck.core.exception.InteroperabilityException;
import ch.cyberduck.core.exception.LoginCanceledException;
import ch.cyberduck.core.exception.LoginFailureException;
import ch.cyberduck.core.features.AttributesFinder;
import ch.cyberduck.core.features.Command;
import ch.cyberduck.core.features.Compress;
import ch.cyberduck.core.features.Delete;
import ch.cyberduck.core.features.Directory;
import ch.cyberduck.core.features.Find;
import ch.cyberduck.core.features.Home;
import ch.cyberduck.core.features.Move;
import ch.cyberduck.core.features.Quota;
import ch.cyberduck.core.features.Read;
import ch.cyberduck.core.features.Symlink;
import ch.cyberduck.core.features.Timestamp;
import ch.cyberduck.core.features.Touch;
import ch.cyberduck.core.features.UnixPermission;
import ch.cyberduck.core.features.Write;
import ch.cyberduck.core.preferences.Preferences;
import ch.cyberduck.core.preferences.PreferencesFactory;
import ch.cyberduck.core.proxy.Proxy;
import ch.cyberduck.core.proxy.ProxySocketFactory;
import ch.cyberduck.core.sftp.auth.SFTPAgentAuthentication;
import ch.cyberduck.core.sftp.auth.SFTPChallengeResponseAuthentication;
import ch.cyberduck.core.sftp.auth.SFTPNoneAuthentication;
import ch.cyberduck.core.sftp.auth.SFTPPasswordAuthentication;
import ch.cyberduck.core.sftp.auth.SFTPPublicKeyAuthentication;
import ch.cyberduck.core.sftp.openssh.OpenSSHAgentAuthenticator;
import ch.cyberduck.core.sftp.putty.PageantAuthenticator;
import ch.cyberduck.core.ssl.DefaultTrustManagerHostnameCallback;
import ch.cyberduck.core.threading.CancelCallback;
import java.io.IOException;
import java.security.PublicKey;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import javax.net.SocketFactory;
import net.schmizz.concurrent.Promise;
import net.schmizz.keepalive.KeepAliveProvider;
import net.schmizz.sshj.Config;
import net.schmizz.sshj.DefaultConfig;
import net.schmizz.sshj.SSHClient;
import net.schmizz.sshj.common.DisconnectReason;
import net.schmizz.sshj.common.SSHException;
import net.schmizz.sshj.connection.channel.direct.SessionFactory;
import net.schmizz.sshj.sftp.Request;
import net.schmizz.sshj.sftp.Response;
import net.schmizz.sshj.sftp.SFTPEngine;
import net.schmizz.sshj.sftp.SFTPException;
import net.schmizz.sshj.transport.DisconnectListener;
import net.schmizz.sshj.transport.NegotiatedAlgorithms;
import net.schmizz.sshj.transport.compression.DelayedZlibCompression;
import net.schmizz.sshj.transport.compression.NoneCompression;
import net.schmizz.sshj.transport.compression.ZlibCompression;
import net.schmizz.sshj.transport.verification.AlgorithmsVerifier;
import net.schmizz.sshj.transport.verification.HostKeyVerifier;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:ch/cyberduck/core/sftp/SFTPSession.class */
public class SFTPSession extends Session<SSHClient> {
    private static final Logger log = Logger.getLogger(SFTPSession.class);
    private final Preferences preferences;
    private SFTPEngine sftp;
    private StateDisconnectListener disconnectListener;
    private NegotiatedAlgorithms algorithms;
    private final SocketFactory socketFactory;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:ch/cyberduck/core/sftp/SFTPSession$StateDisconnectListener.class */
    public static final class StateDisconnectListener implements DisconnectListener {
        private SSHException failure;

        private StateDisconnectListener() {
        }

        public void notifyDisconnect(DisconnectReason disconnectReason, String str) {
            SFTPSession.log.warn(String.format("Disconnected %s", disconnectReason));
            this.failure = new SSHException(disconnectReason, str);
        }

        public SSHException getFailure() {
            return this.failure;
        }
    }

    public SFTPSession(Host host) {
        this(host, new ProxySocketFactory(host.getProtocol(), new DefaultTrustManagerHostnameCallback(host)));
    }

    public SFTPSession(Host host, SocketFactory socketFactory) {
        super(host);
        this.preferences = PreferencesFactory.get();
        this.socketFactory = socketFactory;
    }

    public boolean isConnected() {
        if (super.isConnected()) {
            return ((SSHClient) this.client).isConnected();
        }
        return false;
    }

    /* renamed from: connect, reason: merged with bridge method [inline-methods] */
    public SSHClient m11connect(Proxy proxy, HostKeyCallback hostKeyCallback, LoginCallback loginCallback) throws BackgroundException {
        try {
            DefaultConfig defaultConfig = new DefaultConfig();
            if ("zlib".equals(this.preferences.getProperty("ssh.compression"))) {
                defaultConfig.setCompressionFactories(Arrays.asList(new DelayedZlibCompression.Factory(), new ZlibCompression.Factory(), new NoneCompression.Factory()));
            } else {
                defaultConfig.setCompressionFactories(Collections.singletonList(new NoneCompression.Factory()));
            }
            defaultConfig.setVersion(new PreferencesUseragentProvider().get());
            defaultConfig.setKeepAliveProvider(this.preferences.getProperty("ssh.heartbeat.provider").equals("keep-alive") ? KeepAliveProvider.KEEP_ALIVE : KeepAliveProvider.HEARTBEAT);
            return connect(hostKeyCallback, defaultConfig);
        } catch (IOException e) {
            throw new SFTPExceptionMappingService().map(e);
        }
    }

    protected SSHClient connect(final HostKeyCallback hostKeyCallback, Config config) throws IOException {
        SSHClient sSHClient = new SSHClient(config);
        sSHClient.setTimeout(this.preferences.getInteger("connection.timeout.seconds") * 1000);
        sSHClient.setSocketFactory(this.socketFactory);
        sSHClient.addHostKeyVerifier(new HostKeyVerifier() { // from class: ch.cyberduck.core.sftp.SFTPSession.1
            public boolean verify(String str, int i, PublicKey publicKey) {
                try {
                    return hostKeyCallback.verify(str, i, publicKey);
                } catch (ConnectionCanceledException | ChecksumException e) {
                    return false;
                }
            }
        });
        sSHClient.addAlgorithmsVerifier(new AlgorithmsVerifier() { // from class: ch.cyberduck.core.sftp.SFTPSession.2
            public boolean verify(NegotiatedAlgorithms negotiatedAlgorithms) {
                SFTPSession.log.info(String.format("Negotiated algorithms %s", negotiatedAlgorithms));
                SFTPSession.this.algorithms = negotiatedAlgorithms;
                return true;
            }
        });
        this.disconnectListener = new StateDisconnectListener();
        sSHClient.getTransport().setDisconnectListener(this.disconnectListener);
        sSHClient.connect(HostnameConfiguratorFactory.get(this.host.getProtocol()).getHostname(this.host.getHostname()), this.host.getPort());
        sSHClient.getConnection().getKeepAlive().setKeepAliveInterval(this.preferences.getInteger("ssh.heartbeat.seconds"));
        return sSHClient;
    }

    public boolean alert(ConnectionCallback connectionCallback) throws BackgroundException {
        if (null == this.algorithms) {
            return super.alert(connectionCallback);
        }
        if (!this.preferences.getBoolean(String.format("ssh.algorithm.whitelist.%s", this.host.getHostname()))) {
            if (this.preferences.getList("ssh.algorithm.cipher.blacklist").contains(this.algorithms.getClient2ServerCipherAlgorithm())) {
                alert(connectionCallback, this.algorithms.getClient2ServerCipherAlgorithm());
            }
            if (this.preferences.getList("ssh.algorithm.cipher.blacklist").contains(this.algorithms.getServer2ClientCipherAlgorithm())) {
                alert(connectionCallback, this.algorithms.getServer2ClientCipherAlgorithm());
            }
            if (this.preferences.getList("ssh.algorithm.mac.blacklist").contains(this.algorithms.getClient2ServerMACAlgorithm())) {
                alert(connectionCallback, this.algorithms.getClient2ServerMACAlgorithm());
            }
            if (this.preferences.getList("ssh.algorithm.mac.blacklist").contains(this.algorithms.getServer2ClientMACAlgorithm())) {
                alert(connectionCallback, this.algorithms.getServer2ClientMACAlgorithm());
            }
            if (this.preferences.getList("ssh.algorithm.kex.blacklist").contains(this.algorithms.getKeyExchangeAlgorithm())) {
                alert(connectionCallback, this.algorithms.getKeyExchangeAlgorithm());
            }
            if (this.preferences.getList("ssh.algorithm.signature.blacklist").contains(this.algorithms.getSignatureAlgorithm())) {
                alert(connectionCallback, this.algorithms.getSignatureAlgorithm());
            }
        }
        return super.alert(connectionCallback);
    }

    private void alert(ConnectionCallback connectionCallback, String str) throws ConnectionCanceledException {
        connectionCallback.warn(this.host, MessageFormat.format(LocaleFactory.localizedString("Insecure algorithm {0} negotiated with server", "Credentials"), str), MessageFormat.format("{0}. {1}.", LocaleFactory.localizedString("The algorithm is possibly too weak to meet current cryptography standards", "Credentials"), LocaleFactory.localizedString("Please contact your web hosting service provider for assistance", "Support")), LocaleFactory.localizedString("Continue", "Credentials"), LocaleFactory.localizedString("Disconnect", "Credentials"), String.format("ssh.algorithm.whitelist.%s", this.host.getHostname()));
    }

    /* JADX WARN: Type inference failed for: r1v9, types: [ch.cyberduck.core.sftp.SFTPSession$3] */
    public void login(Proxy proxy, HostPasswordStore hostPasswordStore, LoginCallback loginCallback, CancelCallback cancelCallback) throws BackgroundException {
        ArrayList arrayList = new ArrayList();
        Credentials credentials = this.host.getCredentials();
        if (credentials.isAnonymousLogin()) {
            arrayList.add(new SFTPNoneAuthentication(this));
        } else {
            if (this.preferences.getBoolean("ssh.authentication.agent.enable")) {
                arrayList.add(new SFTPAgentAuthentication(this, new OpenSSHAgentAuthenticator()));
                arrayList.add(new SFTPAgentAuthentication(this, new PageantAuthenticator()));
            }
            arrayList.add(new SFTPPublicKeyAuthentication(this));
            arrayList.add(new SFTPChallengeResponseAuthentication(this));
            arrayList.add(new SFTPPasswordAuthentication(this));
        }
        if (log.isDebugEnabled()) {
            log.debug(String.format("Attempt login with %d authentication methods", Integer.valueOf(arrayList.size())));
        }
        LoginFailureException loginFailureException = null;
        Iterator it = arrayList.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AuthenticationProvider authenticationProvider = (AuthenticationProvider) it.next();
            if (log.isDebugEnabled()) {
                log.debug(String.format("Attempt authentication with credentials %s and authentication method %s", credentials, authenticationProvider));
            }
            cancelCallback.verify();
            try {
            } catch (InteroperabilityException e) {
                throw new LoginFailureException(e.getDetail(false), e);
            } catch (IllegalStateException e2) {
                log.warn(String.format("Server disconnected with %s while trying authentication method %s", this.disconnectListener.getFailure(), authenticationProvider));
                try {
                    throw new SFTPExceptionMappingService().map(LocaleFactory.localizedString("Login failed", "Credentials"), this.disconnectListener.getFailure());
                } catch (InteroperabilityException e3) {
                    throw new LoginFailureException(e3.getDetail(false), e3);
                }
            } catch (LoginFailureException e4) {
                log.warn(String.format("Login failed with credentials %s and authentication method %s", credentials, authenticationProvider));
                if (!((SSHClient) this.client).isConnected()) {
                    log.warn(String.format("Server disconnected after failed authentication attempt with method %s", authenticationProvider));
                    throw e4;
                }
                loginFailureException = e4;
            }
            if (((Boolean) authenticationProvider.authenticate(this.host, hostPasswordStore, loginCallback, cancelCallback)).booleanValue()) {
                if (log.isInfoEnabled()) {
                    log.info(String.format("Login successful with authentication method %s", authenticationProvider));
                }
            } else if (((SSHClient) this.client).getUserAuth().hadPartialSuccess()) {
                if (log.isDebugEnabled()) {
                    log.debug(String.format("Partial login success with credentials %s and authentication method %s", credentials, authenticationProvider));
                }
            } else if (log.isDebugEnabled()) {
                log.debug(String.format("Login refused with credentials %s and authentication method %s", credentials, authenticationProvider));
            }
        }
        String banner = ((SSHClient) this.client).getUserAuth().getBanner();
        if (StringUtils.isNotBlank(banner)) {
            log(TranscriptListener.Type.response, banner);
        }
        if (!((SSHClient) this.client).isAuthenticated()) {
            if (null != loginFailureException) {
                throw loginFailureException;
            }
            throw new LoginFailureException(MessageFormat.format(LocaleFactory.localizedString("Login {0} with username and password", "Credentials"), BookmarkNameProvider.toString(this.host)));
        }
        try {
            this.sftp = new SFTPEngine((SessionFactory) this.client, String.valueOf('/')) { // from class: ch.cyberduck.core.sftp.SFTPSession.3
                public Promise<Response, SFTPException> request(Request request) throws IOException {
                    SFTPSession.this.log(TranscriptListener.Type.request, String.format("%d %s", Long.valueOf(request.getRequestID()), request.getType()));
                    return super.request(request);
                }
            }.init();
            this.sftp.setTimeoutMs(this.preferences.getInteger("connection.timeout.seconds") * 1000);
        } catch (IOException e5) {
            throw new SFTPExceptionMappingService().map(e5);
        }
    }

    public SFTPEngine sftp() throws LoginCanceledException {
        if (null == this.sftp) {
            throw new LoginCanceledException();
        }
        return this.sftp;
    }

    protected void logout() throws BackgroundException {
        try {
            if (null == this.sftp) {
                return;
            }
            this.sftp.close();
        } catch (IOException e) {
            throw new SFTPExceptionMappingService().map(e);
        }
    }

    public void disconnect() {
        try {
            ((SSHClient) this.client).close();
        } catch (IOException e) {
            log.warn(String.format("Ignore disconnect failure %s", e.getMessage()));
        }
        super.disconnect();
    }

    public <T> T _getFeature(Class<T> cls) {
        return cls == ListService.class ? (T) new SFTPListService(this) : cls == Find.class ? (T) new SFTPFindFeature(this) : cls == AttributesFinder.class ? (T) new SFTPAttributesFinderFeature(this) : cls == Read.class ? (T) new SFTPReadFeature(this) : cls == Write.class ? (T) new SFTPWriteFeature(this) : cls == Directory.class ? (T) new SFTPDirectoryFeature(this) : cls == Delete.class ? (T) new SFTPDeleteFeature(this) : cls == Move.class ? (T) new SFTPMoveFeature(this) : cls == UnixPermission.class ? (T) new SFTPUnixPermissionFeature(this) : cls == Timestamp.class ? (T) new SFTPTimestampFeature(this) : cls == Touch.class ? (T) new SFTPTouchFeature(this) : cls == Symlink.class ? (T) new SFTPSymlinkFeature(this) : cls == Command.class ? (T) new SFTPCommandFeature(this) : cls == Compress.class ? (T) new SFTPCompressFeature(this) : cls == DistributionConfiguration.class ? (T) new CustomOriginCloudFrontDistributionConfiguration(this.host) : cls == Home.class ? (T) new SFTPHomeDirectoryService(this) : cls == Quota.class ? (T) new SFTPQuotaFeature(this) : (T) super._getFeature(cls);
    }
}
