package oracle.net.nt;

import ch.qos.logback.core.joran.action.ActionConst;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import java.util.Properties;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import oracle.net.jdbc.nl.NLException;
import oracle.net.ns.NetException;

/* loaded from: input_file:spg-merchant-service-war-3.0.13.war:WEB-INF/lib/ojdbc6-11.2.0.3.jar:oracle/net/nt/TcpsNTAdapter.class */
public class TcpsNTAdapter extends TcpNTAdapter {
    String matchSSLServerCertDNWith;
    boolean fullDNMatch;
    SSLSocketFactory l_sslSockFac;
    Socket underlyingSocket;
    SSLSocket socketWithListener;

    public TcpsNTAdapter(String str, Properties properties) throws NLException {
        super(str, properties);
        this.underlyingSocket = null;
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public void connect() throws IOException {
        this.l_sslSockFac = CustomSSLSocketFactory.getSSLSocketFactory(this.socketOptions);
        this.underlyingSocket = new Socket();
        String str = (String) this.socketOptions.get(2);
        int parseInt = str == null ? 0 : Integer.parseInt(str);
        int parseInt2 = Integer.parseInt((String) this.socketOptions.get(17));
        boolean parseBoolean = Boolean.parseBoolean((String) this.socketOptions.get(18));
        InetAddress[] allByName = InetAddress.getAllByName(this.host);
        if (parseBoolean && allByName.length > 1) {
            allByName = getAddressesInCircularOrder(this.host, allByName);
        }
        int length = parseInt2 * allByName.length;
        for (int i = 0; i < parseInt2; i++) {
            int i2 = 0;
            do {
                InetSocketAddress inetSocketAddress = new InetSocketAddress(allByName[i2], this.port);
                i2++;
                length--;
                this.underlyingSocket = new Socket();
                try {
                    this.underlyingSocket.connect(inetSocketAddress, parseInt);
                    this.socket = this.l_sslSockFac.createSocket(this.underlyingSocket, this.host, this.port, true);
                    String str2 = (String) this.socketOptions.get(3);
                    if (str2 != null) {
                        setOption(3, str2);
                    }
                    setSSLSocketOptions();
                    return;
                } catch (IOException e) {
                    try {
                        if (this.underlyingSocket != null) {
                            this.underlyingSocket.close();
                        }
                        if (this.socket != null) {
                            this.socket.close();
                        }
                    } catch (Exception e2) {
                    }
                    if (length <= 0) {
                        throw e;
                    }
                } catch (NumberFormatException e3) {
                    throw new NetException(505);
                }
            } while (i2 < allByName.length);
        }
    }

    public void renegotiateSession() throws IOException {
        this.socketWithListener = (SSLSocket) this.socket;
        this.socket = this.l_sslSockFac.createSocket(this.underlyingSocket, this.host, this.port, true);
        String str = (String) this.socketOptions.get(3);
        if (str != null) {
            setOption(3, str);
        }
        setSSLSocketOptions();
    }

    public void setSSLSocketOptions() throws IOException {
        super.setSocketOptions();
        SSLSocket sSLSocket = (SSLSocket) this.socket;
        sSLSocket.setUseClientMode(true);
        TcpsConfigure.configureVersion(sSLSocket, (String) this.socketOptions.get(6));
        TcpsConfigure.configureCipherSuites(sSLSocket, (String) this.socketOptions.get(7));
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public void setOption(int i, Object obj) throws IOException, NetException {
        switch (i) {
            case 7:
                if (((String) obj).equalsIgnoreCase("TRUE")) {
                    this.fullDNMatch = true;
                    return;
                } else {
                    this.fullDNMatch = false;
                    return;
                }
            case 8:
                setServerDNMatchValue((String[]) obj);
                return;
            default:
                super.setOption(i, obj);
                return;
        }
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public Object getOption(int i) throws IOException, NetException {
        SSLSocket sSLSocket = (SSLSocket) this.socket;
        switch (i) {
            case 2:
                String cipherSuite = sSLSocket.getSession().getCipherSuite();
                return (cipherSuite == null || cipherSuite.indexOf(ActionConst.NULL) != -1) ? "FALSE" : "TRUE";
            case 3:
                return ((X509Certificate) sSLSocket.getSession().getPeerCertificates()[0]).getSubjectDN().getName();
            case 4:
                return sSLSocket.getSession().getPeerCertificateChain();
            case 5:
                return sSLSocket.getSession().getCipherSuite();
            case 6:
                String str = (String) this.socketOptions.get(4);
                if (str == null) {
                    str = System.getProperty("oracle.net.ssl_server_dn_match", "false");
                }
                return ((str.equalsIgnoreCase("YES") || str.equalsIgnoreCase("ON") || str.equalsIgnoreCase("TRUE")) && !TcpsConfigure.matchServerDN(((X509Certificate) sSLSocket.getSession().getPeerCertificates()[0]).getSubjectDN().getName(), this.matchSSLServerCertDNWith, this.fullDNMatch)) ? "FALSE" : "TRUE";
            default:
                return super.getOption(i);
        }
    }

    public void setServerDNMatchValue(String[] strArr) {
        String str = strArr[0];
        String str2 = strArr[1];
        String str3 = strArr[2];
        if (str != null) {
            this.matchSSLServerCertDNWith = str;
            this.fullDNMatch = true;
            return;
        }
        if (str2 != null) {
            if (str2.indexOf(46) != -1) {
                this.matchSSLServerCertDNWith = "CN=" + str2.substring(0, str2.indexOf(46));
                return;
            } else {
                this.matchSSLServerCertDNWith = "CN=" + str2.trim();
                return;
            }
        }
        if (str3 != null) {
            if (str3.indexOf(46) != -1) {
                this.matchSSLServerCertDNWith = "CN=" + str3.substring(0, str3.indexOf(46));
            } else {
                this.matchSSLServerCertDNWith = "CN=" + str3.trim();
            }
        }
    }
}
