package org.owasp.webscarab.plugin.proxy;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.TreeMap;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import org.owasp.webscarab.model.ConversationID;
import org.owasp.webscarab.model.HttpUrl;
import org.owasp.webscarab.model.Preferences;
import org.owasp.webscarab.model.Request;
import org.owasp.webscarab.model.Response;
import org.owasp.webscarab.model.StoreException;
import org.owasp.webscarab.plugin.Framework;
import org.owasp.webscarab.plugin.Hook;
import org.owasp.webscarab.plugin.Plugin;

/* loaded from: input_file:main/WebScarab-1.0.0-SNAPSHOT.jar:org/owasp/webscarab/plugin/proxy/Proxy.class */
public class Proxy implements Plugin {
    private Framework _framework;
    private SSLSocketFactoryFactory _certGenerator;
    private static HashMap<String, SSLSocketFactory> _factoryMap = new HashMap<>();
    private static char[] _keystorepass = "password".toCharArray();
    private static char[] _keypassword = "password".toCharArray();
    private static String _certDir = "./certs/";
    private boolean _running = false;
    private ProxyUI _ui = null;
    private ArrayList<ProxyPlugin> _plugins = new ArrayList<>();
    private TreeMap<ListenerSpec, Listener> _listeners = new TreeMap<>();
    private Logger _logger = Logger.getLogger(getClass().getName());
    private String _status = "Stopped";
    private int _pending = 0;
    private ConnectionHook _allowConnection = new ConnectionHook("Allow connection", "Called when a new connection is received from a browser\nuse connection.getAddress() and connection.closeConnection() to decide and react");
    private ConnectionHook _interceptRequest = new ConnectionHook("Intercept request", "Called when a new request has been submitted by the browser\nuse connection.getRequest() and connection.setRequest(request) to perform changes");
    private ConnectionHook _interceptResponse = new ConnectionHook("Intercept response", "Called when the request has been submitted to the server, and the response has been recieved.\nuse connection.getResponse() and connection.setResponse(response) to perform changes");

    /* loaded from: input_file:main/WebScarab-1.0.0-SNAPSHOT.jar:org/owasp/webscarab/plugin/proxy/Proxy$ConnectionHook.class */
    private class ConnectionHook extends Hook {
        public ConnectionHook(String str, String str2) {
            super(str, str2);
        }

        public void runScripts(ScriptableConnection scriptableConnection) {
            if (this._bsfManager == null) {
                return;
            }
            synchronized (this._bsfManager) {
                try {
                    this._bsfManager.declareBean("connection", scriptableConnection, scriptableConnection.getClass());
                    super.runScripts();
                    this._bsfManager.undeclareBean("connection");
                } catch (Exception e) {
                    Proxy.this._logger.severe("Declaring or undeclaring a bean should not throw an exception! " + e);
                }
            }
        }
    }

    public Proxy(Framework framework) {
        this._framework = null;
        this._certGenerator = null;
        this._framework = framework;
        parseListenerConfig();
        try {
            this._certGenerator = new SSLSocketFactoryFactory(".keystore", "JKS", "password".toCharArray());
            this._certGenerator.setReuseKeys(true);
        } catch (IOException e) {
            e.printStackTrace();
        } catch (NoClassDefFoundError e2) {
            this._certGenerator = null;
        } catch (GeneralSecurityException e3) {
            e3.printStackTrace();
        }
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public Hook[] getScriptingHooks() {
        return new Hook[]{this._allowConnection, this._interceptRequest, this._interceptResponse};
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public Object getScriptableObject() {
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void allowClientConnection(ScriptableConnection scriptableConnection) {
        this._allowConnection.runScripts(scriptableConnection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void interceptRequest(ScriptableConnection scriptableConnection) {
        this._interceptRequest.runScripts(scriptableConnection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void interceptResponse(ScriptableConnection scriptableConnection) {
        this._interceptResponse.runScripts(scriptableConnection);
    }

    public void setUI(ProxyUI proxyUI) {
        this._ui = proxyUI;
        if (this._ui != null) {
            this._ui.setEnabled(this._running);
        }
    }

    public void addPlugin(ProxyPlugin proxyPlugin) {
        this._plugins.add(proxyPlugin);
    }

    public ProxyPlugin getPlugin(String str) {
        Iterator<ProxyPlugin> it = this._plugins.iterator();
        while (it.hasNext()) {
            ProxyPlugin next = it.next();
            if (next.getPluginName().equals(str)) {
                return next;
            }
        }
        return null;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public String getPluginName() {
        return new String("Proxy");
    }

    public ListenerSpec[] getProxies() {
        return this._listeners.size() == 0 ? new ListenerSpec[0] : (ListenerSpec[]) this._listeners.keySet().toArray(new ListenerSpec[0]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ProxyPlugin[] getPlugins() {
        ProxyPlugin[] proxyPluginArr = new ProxyPlugin[this._plugins.size()];
        for (int i = 0; i < this._plugins.size(); i++) {
            proxyPluginArr[i] = this._plugins.get(i);
        }
        return proxyPluginArr;
    }

    public void addListener(ListenerSpec listenerSpec) {
        createListener(listenerSpec);
        startListener(this._listeners.get(listenerSpec));
        String key = getKey(listenerSpec);
        Preferences.setPreference("Proxy.listener." + key + ".base", listenerSpec.getBase() == null ? "" : listenerSpec.getBase().toString());
        Preferences.setPreference("Proxy.listener." + key + ".primary", listenerSpec.isPrimaryProxy() ? "yes" : "no");
        String str = null;
        Iterator<ListenerSpec> it = this._listeners.keySet().iterator();
        while (it.hasNext()) {
            String key2 = getKey(it.next());
            str = str == null ? key2 : str + ", " + key2;
        }
        Preferences.setPreference("Proxy.listeners", str);
    }

    private String getKey(ListenerSpec listenerSpec) {
        return listenerSpec.getAddress() + ":" + listenerSpec.getPort();
    }

    private void startListener(Listener listener) {
        Thread thread = new Thread(listener, "Listener-" + getKey(listener.getListenerSpec()));
        thread.setDaemon(true);
        thread.start();
        if (this._ui != null) {
            this._ui.proxyStarted(listener.getListenerSpec());
        }
    }

    private boolean stopListener(Listener listener) {
        boolean stop = listener.stop();
        if (stop && this._ui != null) {
            this._ui.proxyStopped(listener.getListenerSpec());
        }
        return stop;
    }

    public boolean removeListener(ListenerSpec listenerSpec) {
        Listener listener = this._listeners.get(listenerSpec);
        if (listener == null || !stopListener(listener)) {
            return false;
        }
        this._listeners.remove(listenerSpec);
        if (this._ui != null) {
            this._ui.proxyRemoved(listenerSpec);
        }
        String key = getKey(listenerSpec);
        Preferences.remove("Proxy.listener." + key + ".base");
        Preferences.remove("Proxy.listener." + key + ".simulator");
        Preferences.remove("Proxy.listener." + key + ".primary");
        String str = null;
        Iterator<ListenerSpec> it = this._listeners.keySet().iterator();
        while (it.hasNext()) {
            String key2 = getKey(it.next());
            str = str == null ? key2 : str + ", " + key2;
        }
        if (str == null) {
            str = "";
        }
        Preferences.setPreference("Proxy.listeners", str);
        return true;
    }

    @Override // org.owasp.webscarab.plugin.Plugin, java.lang.Runnable
    public void run() {
        for (ListenerSpec listenerSpec : this._listeners.keySet()) {
            try {
                listenerSpec.verifyAvailable();
                Listener listener = this._listeners.get(listenerSpec);
                if (listener == null) {
                    createListener(listenerSpec);
                    listener = this._listeners.get(listenerSpec);
                }
                startListener(listener);
            } catch (IOException e) {
                this._logger.warning("Unable to start listener " + listenerSpec);
                if (this._ui != null) {
                    this._ui.proxyStartError(listenerSpec, e);
                }
                removeListener(listenerSpec);
            }
        }
        this._running = true;
        if (this._ui != null) {
            this._ui.setEnabled(this._running);
        }
        this._status = "Started, Idle";
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean stop() {
        this._running = false;
        Iterator<ListenerSpec> it = this._listeners.keySet().iterator();
        while (it.hasNext()) {
            Listener listener = this._listeners.get(it.next());
            if (listener != null && !stopListener(listener)) {
                this._logger.severe("Failed to stop Listener-" + listener.getListenerSpec());
                this._running = true;
            }
        }
        if (this._ui != null) {
            this._ui.setEnabled(this._running);
        }
        this._status = "Stopped";
        return !this._running;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ConversationID gotRequest(Request request) {
        ConversationID reserveConversationID = this._framework.reserveConversationID();
        if (this._ui != null) {
            this._ui.requested(reserveConversationID, request.getMethod(), request.getURL());
        }
        this._pending++;
        this._status = "Started, " + this._pending + " in progress";
        return reserveConversationID;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void gotResponse(ConversationID conversationID, Response response) {
        if (this._ui != null) {
            this._ui.received(conversationID, response.getStatusLine());
        }
        this._framework.addConversation(conversationID, response.getRequest(), response, getPluginName());
        this._pending--;
        this._status = "Started, " + (this._pending > 0 ? this._pending + " in progress" : "Idle");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSLSocketFactory getSocketFactory(String str) {
        synchronized (_factoryMap) {
            if (_factoryMap.containsKey(str)) {
                return _factoryMap.get(str);
            }
            SSLSocketFactory loadSocketFactory = loadSocketFactory(new File(_certDir + str + ".p12"), str);
            if (loadSocketFactory != null) {
                _factoryMap.put(str, loadSocketFactory);
                return loadSocketFactory;
            }
            SSLSocketFactory generateSocketFactory = generateSocketFactory(str);
            if (generateSocketFactory != null) {
                _factoryMap.put(str, generateSocketFactory);
                return generateSocketFactory;
            }
            if (_factoryMap.containsKey(null)) {
                this._logger.info("Using default SSL keystore for " + str);
                return _factoryMap.get(null);
            }
            SSLSocketFactory loadSocketFactory2 = loadSocketFactory(new File(_certDir + "server.p12"), str);
            if (loadSocketFactory2 != null) {
                _factoryMap.put(null, loadSocketFactory2);
                return loadSocketFactory2;
            }
            this._logger.info("Loading default SSL keystore from internal resource");
            InputStream resourceAsStream = getClass().getClassLoader().getResourceAsStream("server.p12");
            if (resourceAsStream == null) {
                this._logger.severe("WebScarab JAR was built without a certificate!");
                this._logger.severe("SSL Intercept not available!");
                return null;
            }
            SSLSocketFactory loadSocketFactory3 = loadSocketFactory(resourceAsStream, "WebScarab JAR");
            _factoryMap.put(null, loadSocketFactory3);
            return loadSocketFactory3;
        }
    }

    private SSLSocketFactory loadSocketFactory(File file, String str) {
        if (!file.exists() || !file.canRead()) {
            return null;
        }
        this._logger.info("Loading SSL keystore for " + str + " from " + file);
        try {
            return loadSocketFactory(new FileInputStream(file), file.getPath());
        } catch (IOException e) {
            this._logger.severe("Error reading from " + file + ": " + e.getLocalizedMessage());
            return null;
        }
    }

    private SSLSocketFactory loadSocketFactory(InputStream inputStream, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(inputStream, _keystorepass);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
            keyManagerFactory.init(keyStore, _keypassword);
            SSLContext sSLContext = SSLContext.getInstance("SSLv3");
            sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
            return sSLContext.getSocketFactory();
        } catch (IOException e) {
            this._logger.info("Error reading SSL keystore from " + str + ": " + e.getLocalizedMessage());
            return null;
        } catch (GeneralSecurityException e2) {
            this._logger.info("Error reading SSL keystore from " + str + ": " + e2.getLocalizedMessage());
            return null;
        }
    }

    private SSLSocketFactory generateSocketFactory(String str) {
        if (this._certGenerator == null) {
            return null;
        }
        try {
            this._logger.info("Generating custom SSL keystore for " + str);
            return this._certGenerator.getSocketFactory(str);
        } catch (IOException e) {
            this._logger.info("Error generating custom SSL keystore for " + str + ": " + e);
            return null;
        } catch (GeneralSecurityException e2) {
            this._logger.info("Error generating custom SSL keystore for " + str + ": " + e2);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void failedResponse(ConversationID conversationID, String str) {
        if (this._ui != null) {
            this._ui.aborted(conversationID, str);
        }
        this._pending--;
        this._status = "Started, " + (this._pending > 0 ? this._pending + " in progress" : "Idle");
    }

    private void parseListenerConfig() {
        HttpUrl httpUrl;
        String preference = Preferences.getPreference("Proxy.listeners");
        if (preference == null || preference.trim().equals("")) {
            this._logger.warning("No proxies configured!?");
            preference = "127.0.0.1:8008";
        }
        String[] split = preference.trim().split(" *,+ *");
        for (int i = 0; i < split.length; i++) {
            String substring = split[i].substring(0, split[i].indexOf(":"));
            try {
                int parseInt = Integer.parseInt(split[i].substring(split[i].indexOf(":") + 1).trim());
                String preference2 = Preferences.getPreference("Proxy.listener." + split[i] + ".base", "");
                if (preference2.equals("")) {
                    httpUrl = null;
                } else {
                    try {
                        httpUrl = new HttpUrl(preference2);
                    } catch (MalformedURLException e) {
                        this._logger.severe("Malformed 'base' parameter for listener '" + split[i] + "'");
                        return;
                    }
                }
                String preference3 = Preferences.getPreference("Proxy.listener." + split[i] + ".primary", "false");
                this._listeners.put(new ListenerSpec(substring, parseInt, httpUrl, preference3.equalsIgnoreCase("true") || preference3.equalsIgnoreCase("yes")), null);
            } catch (NumberFormatException e2) {
                System.err.println("Error parsing port for " + split[i] + ", skipping it!");
            }
        }
    }

    private void createListener(ListenerSpec listenerSpec) {
        this._listeners.put(listenerSpec, new Listener(this, listenerSpec));
        if (this._ui != null) {
            this._ui.proxyAdded(listenerSpec);
        }
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void flush() throws StoreException {
        Iterator<ProxyPlugin> it = this._plugins.iterator();
        while (it.hasNext()) {
            it.next().flush();
        }
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isBusy() {
        return this._pending > 0;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public String getStatus() {
        return this._status;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isModified() {
        return false;
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void analyse(ConversationID conversationID, Request request, Response response, String str) {
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public void setSession(String str, Object obj, String str2) throws StoreException {
        Iterator<ProxyPlugin> it = this._plugins.iterator();
        while (it.hasNext()) {
            it.next().setSession(str, obj, str2);
        }
    }

    @Override // org.owasp.webscarab.plugin.Plugin
    public boolean isRunning() {
        return this._running;
    }
}
