package org.apache.directory.server.changepw;

import java.io.IOException;
import java.util.ArrayList;
import javax.naming.InvalidNameException;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.changepw.protocol.ChangePasswordProtocolHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.store.DirectoryPrincipalStore;
import org.apache.directory.server.protocol.shared.DirectoryBackedService;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.apache.directory.server.protocol.shared.transport.Transport;
import org.apache.directory.server.protocol.shared.transport.UdpTransport;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.mina.core.service.IoAcceptor;
import org.apache.mina.transport.socket.DatagramAcceptor;
import org.apache.mina.transport.socket.SocketAcceptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/directory/server/changepw/ChangePasswordServer.class */
public class ChangePasswordServer extends DirectoryBackedService {
    private static final long serialVersionUID = 3509208713288140629L;
    private static final String SERVICE_PRINCIPAL_DEFAULT = "kadmin/changepw@EXAMPLE.COM";
    private static final String REALM_DEFAULT = "EXAMPLE.COM";
    private static final int DEFAULT_IP_PORT = 464;
    private static final long DEFAULT_ALLOWABLE_CLOCKSKEW = 300000;
    private static final boolean DEFAULT_EMPTY_ADDRESSES_ALLOWED = true;
    public static final int DEFAULT_PASSWORD_LENGTH = 6;
    public static final int DEFAULT_CATEGORY_COUNT = 3;
    public static final int DEFAULT_TOKEN_SIZE = 3;
    private static final String SERVICE_PID_DEFAULT = "org.apache.directory.server.changepw";
    private static final String SERVICE_NAME_DEFAULT = "ApacheDS Change Password Service";
    private EncryptionType[] encryptionTypes;
    private String primaryRealm = REALM_DEFAULT;
    private String servicePrincipal = SERVICE_PRINCIPAL_DEFAULT;
    private long allowableClockSkew = DEFAULT_ALLOWABLE_CLOCKSKEW;
    private boolean isEmptyAddressesAllowed = true;
    private int policyPasswordLength;
    private int policyCategoryCount;
    private int policyTokenSize;
    private static final Logger LOG = LoggerFactory.getLogger(ChangePasswordServer.class.getName());
    public static final String[] ENCRYPTION_TYPES_DEFAULT = {"des-cbc-md5"};

    public ChangePasswordServer() {
        super.setServiceName(SERVICE_NAME_DEFAULT);
        super.setServiceId(SERVICE_PID_DEFAULT);
        super.setSearchBaseDn("ou=users,dc=example,dc=com");
        setTransports(new Transport[]{new TcpTransport(DEFAULT_IP_PORT), new UdpTransport(DEFAULT_IP_PORT)});
        prepareEncryptionTypes();
    }

    public String getPrimaryRealm() {
        return this.primaryRealm;
    }

    public void setPrimaryRealm(String str) {
        this.primaryRealm = str;
    }

    public EncryptionType[] getEncryptionTypes() {
        return this.encryptionTypes;
    }

    public void setEncryptionTypes(EncryptionType[] encryptionTypeArr) {
        this.encryptionTypes = encryptionTypeArr;
    }

    public long getAllowableClockSkew() {
        return this.allowableClockSkew;
    }

    public void setAllowableClockSkew(long j) {
        this.allowableClockSkew = j;
    }

    public KerberosPrincipal getServicePrincipal() {
        return new KerberosPrincipal(this.servicePrincipal);
    }

    public void setServicePrincipal(String str) {
        this.servicePrincipal = str;
    }

    public boolean isEmptyAddressesAllowed() {
        return this.isEmptyAddressesAllowed;
    }

    public void setEmptyAddressesAllowed(boolean z) {
        this.isEmptyAddressesAllowed = z;
    }

    public int getPasswordLengthPolicy() {
        return this.policyPasswordLength;
    }

    public int getCategoryCountPolicy() {
        return this.policyCategoryCount;
    }

    public int getTokenSizePolicy() {
        return this.policyTokenSize;
    }

    public void start() throws IOException, InvalidNameException {
        DirectoryPrincipalStore directoryPrincipalStore = new DirectoryPrincipalStore(getDirectoryService(), new LdapDN(getSearchBaseDn()));
        if (this.transports == null || this.transports.length == 0) {
            UdpTransport udpTransport = new UdpTransport(DEFAULT_IP_PORT);
            setTransports(new Transport[]{udpTransport});
            DatagramAcceptor acceptor = udpTransport.getAcceptor();
            acceptor.setHandler(new ChangePasswordProtocolHandler(this, directoryPrincipalStore));
            acceptor.getSessionConfig().setReuseAddress(true);
            acceptor.bind();
        } else {
            for (Transport transport : this.transports) {
                SocketAcceptor acceptor2 = transport.getAcceptor();
                acceptor2.setCloseOnDeactivation(false);
                if (transport instanceof UdpTransport) {
                    acceptor2.getSessionConfig().setReuseAddress(true);
                } else {
                    acceptor2.setReuseAddress(true);
                    acceptor2.getSessionConfig().setTcpNoDelay(true);
                }
                acceptor2.setHandler(new ChangePasswordProtocolHandler(this, directoryPrincipalStore));
                acceptor2.bind();
            }
        }
        LOG.info("ChangePassword service started.");
        System.out.println("ChangePassword service started.");
    }

    public void stop() {
        for (Transport transport : getTransports()) {
            IoAcceptor acceptor = transport.getAcceptor();
            if (acceptor != null) {
                acceptor.dispose();
            }
        }
        LOG.info("ChangePassword service stopped.");
        System.out.println("ChangePassword service stopped.");
    }

    private void prepareEncryptionTypes() {
        String[] strArr = ENCRYPTION_TYPES_DEFAULT;
        ArrayList arrayList = new ArrayList();
        for (String str : strArr) {
            for (EncryptionType encryptionType : EncryptionType.getEncryptionTypes()) {
                if (encryptionType.toString().equalsIgnoreCase(str)) {
                    arrayList.add(encryptionType);
                }
            }
        }
        this.encryptionTypes = (EncryptionType[]) arrayList.toArray(new EncryptionType[arrayList.size()]);
    }

    public void setPolicyPasswordLength(int i) {
        this.policyPasswordLength = i;
    }

    public void setPolicyCategoryCount(int i) {
        this.policyCategoryCount = i;
    }

    public void setPolicyTokenSize(int i) {
        this.policyTokenSize = i;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("ChangePasswordServer[").append(getServiceName()).append("], listening on :").append('\n');
        if (getTransports() != null) {
            for (Transport transport : getTransports()) {
                sb.append("    ").append(transport).append('\n');
            }
        }
        return sb.toString();
    }
}
