package org.jivesoftware.openfire.net;

import java.io.IOException;
import java.io.StringReader;
import javax.servlet.jsp.tagext.TagAttributeInfo;
import org.apache.commons.httpclient.HttpStatus;
import org.dom4j.Element;
import org.dom4j.io.XMPPPacketReader;
import org.jivesoftware.openfire.Connection;
import org.jivesoftware.openfire.PacketRouter;
import org.jivesoftware.openfire.XMPPServer;
import org.jivesoftware.openfire.auth.UnauthorizedException;
import org.jivesoftware.openfire.http.FlashCrossDomainServlet;
import org.jivesoftware.openfire.net.SASLAuthentication;
import org.jivesoftware.openfire.session.LocalSession;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.LocaleUtils;
import org.jivesoftware.util.StringUtils;
import org.logicalcobwebs.proxool.ProxoolConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
import org.xmpp.packet.IQ;
import org.xmpp.packet.JID;
import org.xmpp.packet.Message;
import org.xmpp.packet.PacketError;
import org.xmpp.packet.Presence;
import org.xmpp.packet.Roster;
import org.xmpp.packet.StreamError;

/* loaded from: input_file:org/jivesoftware/openfire/net/StanzaHandler.class */
public abstract class StanzaHandler {
    private static final Logger Log = LoggerFactory.getLogger(StanzaHandler.class);
    protected static String CHARSET = "UTF-8";
    protected Connection connection;
    private SASLAuthentication.Status saslStatus;
    protected LocalSession session;
    protected String serverName;
    private PacketRouter router;
    private boolean sessionCreated = false;
    private boolean startedTLS = false;
    private boolean startedSASL = false;
    private boolean waitingCompressionACK = false;

    public StanzaHandler(PacketRouter packetRouter, String str, Connection connection) {
        this.serverName = str;
        this.router = packetRouter;
        this.connection = connection;
    }

    public void process(String str, XMPPPacketReader xMPPPacketReader) throws Exception {
        Element rootElement;
        boolean z = str.startsWith("<stream:stream") || str.startsWith("<flash:stream");
        if (!this.sessionCreated || z) {
            if (!z) {
                if (str.startsWith("<policy-file-request/>")) {
                    this.connection.deliverRawText(FlashCrossDomainServlet.CROSS_DOMAIN_TEXT + XMPPServer.getInstance().getConnectionManager().getClientListenerPort() + FlashCrossDomainServlet.CROSS_DOMAIN_END_TEXT + (char) 0);
                    return;
                }
                return;
            }
            if (!this.sessionCreated) {
                this.sessionCreated = true;
                MXParser xPPParser = xMPPPacketReader.getXPPParser();
                xPPParser.setInput(new StringReader(str));
                createSession(xPPParser);
                return;
            }
            if (this.startedTLS) {
                this.startedTLS = false;
                tlsNegotiated();
                return;
            } else if (this.startedSASL && this.saslStatus == SASLAuthentication.Status.authenticated) {
                this.startedSASL = false;
                saslSuccessful();
                return;
            } else {
                if (this.waitingCompressionACK) {
                    this.waitingCompressionACK = false;
                    compressionSuccessful();
                    return;
                }
                return;
            }
        }
        if (str.equals("</stream:stream>")) {
            this.session.close();
            return;
        }
        if (str.startsWith("<?xml") || (rootElement = xMPPPacketReader.read(new StringReader(str)).getRootElement()) == null) {
            return;
        }
        String name = rootElement.getName();
        if ("starttls".equals(name)) {
            if (negotiateTLS()) {
                this.startedTLS = true;
                return;
            } else {
                this.connection.close();
                this.session = null;
                return;
            }
        }
        if ("auth".equals(name)) {
            this.startedSASL = true;
            this.saslStatus = SASLAuthentication.handle(this.session, rootElement);
        } else if (this.startedSASL && "response".equals(name)) {
            this.saslStatus = SASLAuthentication.handle(this.session, rootElement);
        } else if (!"compress".equals(name)) {
            process(rootElement);
        } else if (compressClient(rootElement)) {
            this.waitingCompressionACK = true;
        }
    }

    private void process(Element element) throws UnauthorizedException {
        if (element == null) {
            return;
        }
        if (this.connection.getTlsPolicy() == Connection.TLSPolicy.required && !this.connection.isSecure()) {
            closeNeverSecuredConnection();
            return;
        }
        String name = element.getName();
        if ("message".equals(name)) {
            try {
                processMessage(new Message(element, !validateJIDs()));
                return;
            } catch (IllegalArgumentException e) {
                Log.debug("Rejecting packet. JID malformed", (Throwable) e);
                Message message = new Message();
                message.setID(element.attributeValue(TagAttributeInfo.ID));
                message.setTo(this.session.getAddress());
                message.getElement().addAttribute("from", element.attributeValue("to"));
                message.setError(PacketError.Condition.jid_malformed);
                this.session.process(message);
                return;
            }
        }
        if ("presence".equals(name)) {
            try {
                Presence presence = new Presence(element, !validateJIDs());
                try {
                    presence.getType();
                } catch (IllegalArgumentException e2) {
                    Log.warn("Invalid presence type", (Throwable) e2);
                    presence.setType(null);
                }
                try {
                    presence.getShow();
                } catch (IllegalArgumentException e3) {
                    Log.warn("Invalid presence show for -" + presence.toXML(), (Throwable) e3);
                    presence.setShow(null);
                }
                if (this.session.getStatus() == -1 && presence.isAvailable()) {
                    Log.warn("Ignoring available presence packet of closed session: " + presence);
                    return;
                } else {
                    processPresence(presence);
                    return;
                }
            } catch (IllegalArgumentException e4) {
                Log.debug("Rejecting packet. JID malformed", (Throwable) e4);
                Presence presence2 = new Presence();
                presence2.setID(element.attributeValue(TagAttributeInfo.ID));
                presence2.setTo(this.session.getAddress());
                presence2.getElement().addAttribute("from", element.attributeValue("to"));
                presence2.setError(PacketError.Condition.jid_malformed);
                this.session.process(presence2);
                return;
            }
        }
        if (!"iq".equals(name)) {
            if (processUnknowPacket(element)) {
                return;
            }
            Log.warn(LocaleUtils.getLocalizedString("admin.error.packet.tag") + element.asXML());
            this.session.close();
            return;
        }
        try {
            IQ iq = getIQ(element);
            if (iq.getID() != null || !JiveGlobals.getBooleanProperty("xmpp.server.validation.enabled", false)) {
                processIQ(iq);
            } else {
                this.session.deliverRawText(new StreamError(StreamError.Condition.invalid_xml).toXML());
                this.session.close();
            }
        } catch (IllegalArgumentException e5) {
            Log.debug("Rejecting packet. JID malformed", (Throwable) e5);
            IQ iq2 = new IQ();
            if (!element.elements().isEmpty()) {
                iq2.setChildElement(((Element) element.elements().get(0)).createCopy());
            }
            iq2.setID(element.attributeValue(TagAttributeInfo.ID));
            iq2.setTo(this.session.getAddress());
            if (element.attributeValue("to") != null) {
                iq2.getElement().addAttribute("from", element.attributeValue("to"));
            }
            iq2.setError(PacketError.Condition.jid_malformed);
            this.session.process(iq2);
        }
    }

    private IQ getIQ(Element element) {
        Element element2 = element.element("query");
        if (element2 == null || !"jabber:iq:roster".equals(element2.getNamespaceURI())) {
            return new IQ(element, !validateJIDs());
        }
        return new Roster(element);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processIQ(IQ iq) throws UnauthorizedException {
        this.router.route(iq);
        this.session.incrementClientPacketCount();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processPresence(Presence presence) throws UnauthorizedException {
        this.router.route(presence);
        this.session.incrementClientPacketCount();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void processMessage(Message message) throws UnauthorizedException {
        this.router.route(message);
        this.session.incrementClientPacketCount();
    }

    abstract boolean processUnknowPacket(Element element) throws UnauthorizedException;

    private boolean negotiateTLS() {
        if (this.connection.getTlsPolicy() == Connection.TLSPolicy.disabled) {
            this.connection.deliverRawText(new StreamError(StreamError.Condition.not_authorized).toXML());
            this.connection.close();
            Log.warn("TLS requested by initiator when TLS was never offered by server. Closing connection : " + this.connection);
            return false;
        }
        try {
            startTLS();
            return true;
        } catch (Exception e) {
            Log.error("Error while negotiating TLS", (Throwable) e);
            this.connection.deliverRawText("<failure xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\">");
            this.connection.close();
            return false;
        }
    }

    abstract void startTLS() throws Exception;

    private void tlsNegotiated() {
        StringBuilder sb = new StringBuilder(620);
        sb.append(geStreamHeader());
        sb.append("<stream:features>");
        sb.append(SASLAuthentication.getSASLMechanisms(this.session));
        String availableStreamFeatures = this.session.getAvailableStreamFeatures();
        if (availableStreamFeatures != null) {
            sb.append(availableStreamFeatures);
        }
        sb.append("</stream:features>");
        this.connection.deliverRawText(sb.toString());
    }

    private void saslSuccessful() {
        StringBuilder sb = new StringBuilder(HttpStatus.SC_METHOD_FAILURE);
        sb.append(geStreamHeader());
        sb.append("<stream:features>");
        String availableStreamFeatures = this.session.getAvailableStreamFeatures();
        if (availableStreamFeatures != null) {
            sb.append(availableStreamFeatures);
        }
        sb.append("</stream:features>");
        this.connection.deliverRawText(sb.toString());
    }

    private boolean compressClient(Element element) {
        String str = null;
        if (this.connection.getCompressionPolicy() == Connection.CompressionPolicy.disabled) {
            str = "<failure xmlns='http://jabber.org/protocol/compress'><setup-failed/></failure>";
            Log.warn("Client requested compression while compression is disabled. Closing connection : " + this.connection);
        } else if (this.connection.isCompressed()) {
            str = "<failure xmlns='http://jabber.org/protocol/compress'><setup-failed/></failure>";
            Log.warn("Client requested compression and connection is already compressed. Closing connection : " + this.connection);
        } else {
            String elementText = element.elementText("method");
            if (!"zlib".equals(elementText)) {
                str = "<failure xmlns='http://jabber.org/protocol/compress'><unsupported-method/></failure>";
                Log.warn("Requested compression method is not supported: " + elementText + ". Closing connection : " + this.connection);
            }
        }
        if (str != null) {
            this.connection.deliverRawText(str);
            return false;
        }
        this.connection.addCompression();
        this.connection.deliverRawText("<compressed xmlns='http://jabber.org/protocol/compress'/>");
        this.connection.startCompression();
        return true;
    }

    private void compressionSuccessful() {
        StringBuilder sb = new StringBuilder(340);
        sb.append(geStreamHeader());
        sb.append("<stream:features>");
        if (this.session.getStatus() != 3) {
            sb.append(SASLAuthentication.getSASLMechanisms(this.session));
        }
        String availableStreamFeatures = this.session.getAvailableStreamFeatures();
        if (availableStreamFeatures != null) {
            sb.append(availableStreamFeatures);
        }
        sb.append("</stream:features>");
        this.connection.deliverRawText(sb.toString());
    }

    private String geStreamHeader() {
        StringBuilder sb = new StringBuilder(200);
        sb.append("<?xml version='1.0' encoding='");
        sb.append(CHARSET);
        sb.append("'?>");
        if (this.connection.isFlashClient()) {
            sb.append("<flash:stream xmlns:flash=\"http://www.jabber.com/streams/flash\" ");
        } else {
            sb.append("<stream:stream ");
        }
        sb.append("xmlns:stream=\"http://etherx.jabber.org/streams\" xmlns=\"");
        sb.append(getNamespace());
        sb.append("\" from=\"");
        sb.append(this.serverName);
        sb.append("\" id=\"");
        sb.append(this.session.getStreamID());
        sb.append("\" xml:lang=\"");
        sb.append(this.connection.getLanguage());
        sb.append("\" version=\"");
        sb.append(1).append(ProxoolConstants.ALIAS_DELIMITER).append(0);
        sb.append("\">");
        return sb.toString();
    }

    void closeNeverSecuredConnection() {
        this.connection.deliverRawText(new StreamError(StreamError.Condition.not_authorized).toXML());
        this.connection.close();
        Log.warn("TLS was required by the server and connection was never secured. Closing connection : " + this.connection);
    }

    protected void createSession(XmlPullParser xmlPullParser) throws XmlPullParserException, IOException {
        int eventType = xmlPullParser.getEventType();
        while (eventType != 2) {
            eventType = xmlPullParser.next();
        }
        String attributeValue = xmlPullParser.getAttributeValue("", "to");
        if (validateHost() && isHostUnknown(attributeValue)) {
            StringBuilder sb = new StringBuilder(250);
            sb.append("<?xml version='1.0' encoding='");
            sb.append(CHARSET);
            sb.append("'?>");
            sb.append("<stream:stream ");
            sb.append("from=\"").append(this.serverName).append("\" ");
            sb.append("id=\"").append(StringUtils.randomString(5)).append("\" ");
            sb.append("xmlns=\"").append(xmlPullParser.getNamespace(null)).append("\" ");
            sb.append("xmlns:stream=\"").append(xmlPullParser.getNamespace("stream")).append("\" ");
            sb.append("version=\"1.0\">");
            sb.append(new StreamError(StreamError.Condition.host_unknown).toXML());
            this.connection.deliverRawText(sb.toString());
            this.connection.close();
            Log.warn("Closing session due to incorrect hostname in stream header. Host: " + attributeValue + ". Connection: " + this.connection);
            return;
        }
        if (createSession(xmlPullParser.getNamespace(null), this.serverName, xmlPullParser, this.connection)) {
            return;
        }
        StringBuilder sb2 = new StringBuilder(250);
        sb2.append("<?xml version='1.0' encoding='");
        sb2.append(CHARSET);
        sb2.append("'?>");
        sb2.append("<stream:stream ");
        sb2.append("from=\"").append(this.serverName).append("\" ");
        sb2.append("id=\"").append(StringUtils.randomString(5)).append("\" ");
        sb2.append("xmlns=\"").append(xmlPullParser.getNamespace(null)).append("\" ");
        sb2.append("xmlns:stream=\"").append(xmlPullParser.getNamespace("stream")).append("\" ");
        sb2.append("version=\"1.0\">");
        sb2.append(new StreamError(StreamError.Condition.bad_namespace_prefix).toXML());
        this.connection.deliverRawText(sb2.toString());
        this.connection.close();
        Log.warn("Closing session due to bad_namespace_prefix in stream header. Prefix: " + xmlPullParser.getNamespace(null) + ". Connection: " + this.connection);
    }

    private boolean isHostUnknown(String str) {
        return (str == null || this.serverName.equals(str)) ? false : true;
    }

    public JID getAddress() {
        if (this.session == null) {
            return null;
        }
        return this.session.getAddress();
    }

    abstract String getNamespace();

    abstract boolean validateHost();

    abstract boolean validateJIDs();

    abstract boolean createSession(String str, String str2, XmlPullParser xmlPullParser, Connection connection) throws XmlPullParserException;
}
