package net.oneandone.stool.cli;

import ch.qos.logback.core.net.ssl.SSL;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.LocalDate;
import java.time.ZoneId;
import java.time.temporal.ChronoUnit;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.mail.MessagingException;
import javax.naming.NamingException;
import net.oneandone.inline.ArgumentException;
import net.oneandone.inline.Console;
import net.oneandone.stool.configuration.StageConfiguration;
import net.oneandone.stool.locking.Mode;
import net.oneandone.stool.stage.Stage;
import net.oneandone.stool.users.User;
import net.oneandone.stool.users.UserNotFound;
import net.oneandone.stool.util.Mailer;
import net.oneandone.stool.util.Session;
import net.oneandone.sushi.fs.file.FileNode;
import net.oneandone.sushi.launcher.Failure;
import net.oneandone.sushi.launcher.Launcher;
import net.oneandone.sushi.util.Separator;

/* loaded from: input_file:WEB-INF/lib/main-3.4.4.jar:net/oneandone/stool/cli/Validate.class */
public class Validate extends StageCommand {
    private boolean email;
    private boolean repair;
    private Report report;

    /* loaded from: input_file:WEB-INF/lib/main-3.4.4.jar:net/oneandone/stool/cli/Validate$Report.class */
    public static class Report {
        private Map<String, List<String>> users = new HashMap();

        public void admin(String str) {
            admin(null, str);
        }

        public void admin(Stage stage, String str) {
            add(null, prefix(stage) + str);
        }

        /* JADX WARN: Failed to find 'out' block for switch in B:5:0x0038. Please report as an issue. */
        public void user(Stage stage, String str) throws IOException {
            String str2;
            HashSet hashSet = new HashSet();
            for (String str3 : stage.config().notify) {
                boolean z = -1;
                switch (str3.hashCode()) {
                    case 899266540:
                        if (str3.equals(StageConfiguration.NOTIFY_CREATOR)) {
                            z = true;
                            break;
                        }
                        break;
                    case 1938430579:
                        if (str3.equals(StageConfiguration.NOTIFY_OWNER)) {
                            z = false;
                            break;
                        }
                        break;
                }
                switch (z) {
                    case false:
                        str2 = stage.owner();
                        break;
                    case true:
                        str2 = stage.creator();
                        break;
                    default:
                        str2 = str3;
                        break;
                }
                if (hashSet.add(str2)) {
                    add(str2, prefix(stage) + str);
                }
            }
        }

        public void console(Console console) {
            Iterator<Map.Entry<String, List<String>>> it = this.users.entrySet().iterator();
            while (it.hasNext()) {
                Iterator<String> it2 = it.next().getValue().iterator();
                while (it2.hasNext()) {
                    console.info.println(it2.next());
                }
            }
        }

        public void email(Session session) throws NamingException, MessagingException {
            String str = session.configuration.hostname;
            Mailer mailer = session.configuration.mailer();
            Console console = session.console;
            for (Map.Entry<String, List<String>> entry : this.users.entrySet()) {
                String key = entry.getKey();
                String join = Separator.RAW_LINE.join(entry.getValue());
                String email = email(session, key);
                if (email == null) {
                    console.error.println("cannot send email, there's nobody to send it to.");
                } else {
                    console.info.println("sending email to " + email);
                    mailer.send("stool@" + str, new String[]{email}, "Validation of your stage(s) on " + str + " failed", join, new File[0]);
                }
            }
        }

        private static String email(Session session, String str) throws NamingException {
            String str2;
            if (str == null) {
                str2 = session.configuration.admin;
            } else {
                if (str.contains("@")) {
                    return str;
                }
                try {
                    User lookupUser = session.lookupUser(str);
                    str2 = lookupUser == null ? session.configuration.admin : lookupUser.email;
                } catch (UserNotFound e) {
                    str2 = session.configuration.admin;
                }
            }
            if (str2.isEmpty()) {
                return null;
            }
            return str2;
        }

        public boolean isEmpty() {
            return this.users.isEmpty();
        }

        private static String prefix(Stage stage) {
            return stage == null ? "" : stage.getName() + ": ";
        }

        private void add(String str, String str2) {
            List<String> list = this.users.get(str);
            if (list == null) {
                list = new ArrayList();
                this.users.put(str, list);
            }
            list.add(str2);
        }
    }

    public Validate(Session session, boolean z, boolean z2) {
        super(false, false, session, Mode.SHARED, Mode.EXCLUSIVE, Mode.EXCLUSIVE);
        this.email = z;
        this.repair = z2;
    }

    @Override // net.oneandone.stool.cli.StageCommand, net.oneandone.stool.cli.SessionCommand
    public void doRun() throws Exception {
        this.report = new Report();
        dns();
        this.session.logging.rotate();
        locks();
        super.doRun();
        if (this.report.isEmpty()) {
            this.console.info.println("validate ok");
            return;
        }
        this.report.console(this.console);
        if (this.email) {
            this.report.email(this.session);
        }
        this.console.info.println();
        this.console.info.println("validate failed");
    }

    private void dns() throws IOException {
        String digIp = digIp(this.session.configuration.hostname);
        if (digIp.isEmpty()) {
            this.report.admin("missing dns entry for " + this.session.configuration.hostname);
            return;
        }
        try {
            new ServerSocket(this.session.pool().temp(), 50, InetAddress.getByName(this.session.configuration.hostname)).close();
        } catch (IOException e) {
            this.report.admin("cannot open socket on machine " + this.session.configuration.hostname + ". Check the configured hostname.");
        }
        String digIp2 = digIp("foo." + this.session.configuration.hostname);
        if (digIp2.isEmpty() || !digIp2.endsWith(digIp)) {
            this.report.admin("missing dns * entry for " + this.session.configuration.hostname + " (" + digIp2 + ")");
        }
    }

    private void locks() throws IOException {
        for (Integer num : this.session.lockManager.validate(processes(), this.repair)) {
            if (this.repair) {
                this.report.admin("repaired locks: removed stale lock(s) for process id " + num);
            } else {
                this.report.admin("detected stale locks for process id " + num);
            }
        }
    }

    private String digIp(String str) throws Failure {
        return new Launcher(this.world.getWorking(), "dig", "+short", str).exec().trim();
    }

    @Override // net.oneandone.stool.cli.StageCommand
    public void doMain(Stage stage) throws Exception {
        tomcat(stage);
        cert(stage);
        constraints(stage);
    }

    public void constraints(Stage stage) throws IOException {
        try {
            stage.checkConstraints();
        } catch (ArgumentException e) {
            this.report.user(stage, e.getMessage());
            if (this.repair) {
                if (stage.runningService() != 0) {
                    try {
                        new Stop(this.session, false).doRun(stage);
                        this.report.user(stage, "stage has been stopped");
                    } catch (Exception e2) {
                        this.report.user(stage, "stage failed to stop: " + e2.getMessage());
                        e2.printStackTrace(this.console.verbose);
                    }
                }
                if (this.session.configuration.autoRemove < 0 || stage.config().expire.expiredDays() < 0) {
                    return;
                }
                if (stage.config().expire.expiredDays() < this.session.configuration.autoRemove) {
                    this.report.user(stage, "CAUTION: This stage will be removed automatically in " + (this.session.configuration.autoRemove - stage.config().expire.expiredDays()) + " day(s)");
                    return;
                }
                try {
                    this.report.user(stage, "removing expired stage");
                    if (!stage.owner().equals(this.session.user)) {
                        new Chown(this.session, true, null).doRun(stage);
                    }
                    new Remove(this.session, true, true).doRun(stage);
                } catch (Exception e3) {
                    this.report.user(stage, "failed to remove expired stage: " + e3.getMessage());
                    e3.printStackTrace(this.console.verbose);
                }
            }
        }
    }

    private void tomcat(Stage stage) throws IOException {
        int runningService = stage.runningService();
        int servicePid = processes().servicePid(stage.getBackstage());
        if (runningService != servicePid) {
            this.report.admin(stage, "Service process mismatch: " + runningService + " vs " + servicePid);
        }
    }

    private void cert(Stage stage) throws IOException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        FileNode join = stage.backstage.join("ssl/tomcat.jks");
        if (join.exists()) {
            KeyStore keyStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
            InputStream newInputStream = join.newInputStream();
            Throwable th = null;
            try {
                try {
                    keyStore.load(newInputStream, SSL.DEFAULT_KEYSTORE_PASSWORD.toCharArray());
                    if (newInputStream != null) {
                        if (0 != 0) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                    long between = ChronoUnit.DAYS.between(LocalDate.now(), ((X509Certificate) keyStore.getCertificate("tomcat")).getNotAfter().toInstant().atZone(ZoneId.systemDefault()).toLocalDate());
                    if (between < 10) {
                        this.report.user(stage, "certifacte expires in " + between + " days");
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } catch (Throwable th4) {
                if (newInputStream != null) {
                    if (th != null) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th5) {
                            th.addSuppressed(th5);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                throw th4;
            }
        }
    }
}
