package com.zimbra.cs.util;

import com.google.common.base.Joiner;
import com.zimbra.common.account.ZAttrProvisioning;
import com.zimbra.common.localconfig.LC;
import com.zimbra.common.net.SocketFactories;
import com.zimbra.common.service.ServiceException;
import com.zimbra.common.util.Log;
import com.zimbra.common.util.StringUtil;
import com.zimbra.common.util.TimeoutMap;
import com.zimbra.common.util.ZimbraLog;
import com.zimbra.cs.account.Account;
import com.zimbra.cs.account.DataSource;
import com.zimbra.cs.account.Domain;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.account.Server;
import com.zimbra.cs.mailclient.auth.OAuth2Provider;
import com.zimbra.cs.mailclient.auth.SaslAuthenticator;
import com.zimbra.cs.mailclient.smtp.SmtpConfig;
import com.zimbra.cs.mailclient.smtp.SmtpTransport;
import com.zimbra.cs.mailclient.smtp.SmtpsTransport;
import java.security.Security;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.mail.Authenticator;
import javax.mail.MessagingException;
import javax.mail.NoSuchProviderException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;

/* loaded from: input_file:com/zimbra/cs/util/JMSession.class */
public final class JMSession {
    public static final String SMTP_SEND_PARTIAL_PROPERTY = "mail.smtp.sendpartial";
    public static final String SMTPS_SEND_PARTIAL_PROPERTY = "mail.smtps.sendpartial";
    private static final Session sSession;
    private static Map<String, Object> sBadSmtpHosts;
    private static final String[] NO_HOSTS;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:com/zimbra/cs/util/JMSession$SmtpAuthenticator.class */
    private static class SmtpAuthenticator extends Authenticator {
        private final String username;
        private final String password;

        public SmtpAuthenticator(String str, String str2) {
            this.username = str;
            this.password = str2;
        }

        protected PasswordAuthentication getPasswordAuthentication() {
            return new PasswordAuthentication(this.username, this.password);
        }
    }

    public static void setProviders(Session session) {
        if (LC.javamail_zsmtp.booleanValue()) {
            try {
                session.setProvider(SmtpTransport.PROVIDER);
                session.setProvider(SmtpsTransport.PROVIDER);
            } catch (NoSuchProviderException e) {
                if (!$assertionsDisabled) {
                    throw new AssertionError();
                }
            }
        }
    }

    public static Session getSession() {
        return sSession;
    }

    public static Session getSmtpSession() throws MessagingException {
        return getSmtpSession((Domain) null);
    }

    public static Session getSmtpSession(Account account) throws MessagingException {
        Domain domain = null;
        if (account != null) {
            try {
                domain = Provisioning.getInstance().getDomain(account);
            } catch (ServiceException e) {
                ZimbraLog.smtp.warn("Unable to look up domain for account %s.", account.getName(), e);
            }
        }
        Session smtpSession = getSmtpSession(domain);
        if (account != null && account.isSmtpEnableTrace()) {
            smtpSession.setDebug(true);
        }
        return smtpSession;
    }

    public static Session getSession(DataSource dataSource) throws ServiceException {
        Session session;
        String smtpHost = dataSource.getSmtpHost();
        int intValue = dataSource.getSmtpPort().intValue();
        boolean isSmtpAuthRequired = dataSource.isSmtpAuthRequired();
        String smtpUsername = dataSource.getSmtpUsername();
        String decryptedSmtpPassword = dataSource.getDecryptedSmtpPassword();
        if (ZAttrProvisioning.DataSourceAuthMechanism.XOAUTH2.name().equalsIgnoreCase(dataSource.getAuthMechanism())) {
            decryptedSmtpPassword = dataSource.getDecryptedOAuthToken();
        }
        boolean isSmtpConnectionSecure = dataSource.isSmtpConnectionSecure();
        if (smtpHost == null || smtpHost.length() == 0) {
            throw ServiceException.FAILURE("null smtp host", (Throwable) null);
        }
        if (intValue <= 0) {
            throw ServiceException.FAILURE("invalid smtp port", (Throwable) null);
        }
        if (isSmtpAuthRequired && (smtpUsername == null || smtpUsername.length() == 0 || decryptedSmtpPassword == null || decryptedSmtpPassword.length() == 0)) {
            throw ServiceException.FAILURE("missing smtp username or password", (Throwable) null);
        }
        long longValue = LC.javamail_smtp_timeout.longValue() * 1000;
        String value = LC.zimbra_server_hostname.value();
        Properties properties = new Properties();
        properties.put("mail.smtp.socketFactory", SocketFactories.defaultSocketFactory());
        properties.setProperty("mail.smtp.socketFactory.fallback", "false");
        properties.put("mail.smtp.ssl.socketFactory", SocketFactories.defaultSSLSocketFactory());
        properties.setProperty("mail.smtp.ssl.socketFactory.fallback", "false");
        properties.put("mail.smtps.ssl.socketFactory", SocketFactories.defaultSSLSocketFactory());
        properties.setProperty("mail.smtps.ssl.socketFactory.fallback", "false");
        if (isSmtpConnectionSecure) {
            properties.setProperty("mail.transport.protocol", "smtps");
            properties.setProperty("mail.smtps.connectiontimeout", Long.toString(longValue));
            properties.setProperty("mail.smtps.timeout", Long.toString(longValue));
            properties.setProperty("mail.smtps.localhost", value);
            properties.setProperty(SMTPS_SEND_PARTIAL_PROPERTY, "true");
            properties.setProperty("mail.smtps.host", smtpHost);
            properties.setProperty("mail.smtps.port", intValue + "");
            if (isSmtpAuthRequired) {
                properties.setProperty("mail.smtps.auth", "true");
                properties.setProperty("mail.smtps.user", smtpUsername);
                properties.setProperty("mail.smtps.password", decryptedSmtpPassword);
                if (ZAttrProvisioning.DataSourceAuthMechanism.XOAUTH2.name().equalsIgnoreCase(dataSource.getAuthMechanism())) {
                    addOAuth2Properties(decryptedSmtpPassword, properties, "smtps");
                }
                session = Session.getInstance(properties, new SmtpAuthenticator(smtpUsername, decryptedSmtpPassword));
            } else {
                session = Session.getInstance(properties);
            }
            session.setProtocolForAddress("rfc822", "smtps");
        } else {
            properties.setProperty("mail.transport.protocol", SmtpConfig.PROTOCOL);
            properties.setProperty("mail.smtp.connectiontimeout", Long.toString(longValue));
            properties.setProperty("mail.smtp.timeout", Long.toString(longValue));
            properties.setProperty("mail.smtp.localhost", value);
            properties.setProperty(SMTP_SEND_PARTIAL_PROPERTY, "true");
            properties.setProperty("mail.smtp.host", smtpHost);
            properties.setProperty("mail.smtp.port", intValue + "");
            if (LC.javamail_smtp_enable_starttls.booleanValue()) {
                properties.setProperty("mail.smtp.starttls.enable", "true");
            }
            if (isSmtpAuthRequired) {
                properties.setProperty("mail.smtp.auth", "true");
                properties.setProperty("mail.smtp.user", smtpUsername);
                properties.setProperty("mail.smtp.password", decryptedSmtpPassword);
                if (ZAttrProvisioning.DataSourceAuthMechanism.XOAUTH2.name().equalsIgnoreCase(dataSource.getAuthMechanism())) {
                    addOAuth2Properties(decryptedSmtpPassword, properties, SmtpConfig.PROTOCOL);
                }
                session = Session.getInstance(properties, new SmtpAuthenticator(smtpUsername, decryptedSmtpPassword));
            } else {
                session = Session.getInstance(properties);
            }
            session.setProtocolForAddress("rfc822", SmtpConfig.PROTOCOL);
        }
        if (LC.javamail_smtp_debug.booleanValue()) {
            session.setDebug(true);
        }
        setProviders(session);
        return session;
    }

    private static Session getSmtpSession(Domain domain) throws MessagingException {
        try {
            Session session = Session.getInstance(getJavaMailSessionProperties(Provisioning.getInstance().getLocalServer(), domain));
            setProviders(session);
            if (LC.javamail_smtp_debug.booleanValue()) {
                session.setDebug(true);
            }
            return session;
        } catch (ServiceException e) {
            throw new MessagingException("Unable to initialize JavaMail session", e);
        }
    }

    public static Session getRelaySession() throws MessagingException {
        try {
            Server localServer = Provisioning.getInstance().getLocalServer();
            String shareNotificationMtaHostname = localServer.getShareNotificationMtaHostname();
            int shareNotificationMtaPort = localServer.getShareNotificationMtaPort();
            boolean isShareNotificationMtaAuthRequired = localServer.isShareNotificationMtaAuthRequired();
            boolean z = localServer.getShareNotificationMtaConnectionType() == ZAttrProvisioning.ShareNotificationMtaConnectionType.STARTTLS;
            if (shareNotificationMtaHostname == null || shareNotificationMtaPort == 0) {
                return getSmtpSession();
            }
            Properties javaMailSessionProperties = getJavaMailSessionProperties(localServer, null);
            javaMailSessionProperties.setProperty("mail.smtp.host", shareNotificationMtaHostname);
            javaMailSessionProperties.setProperty("mail.smtp.port", "" + shareNotificationMtaPort);
            SmtpAuthenticator smtpAuthenticator = null;
            if (isShareNotificationMtaAuthRequired) {
                String shareNotificationMtaAuthAccount = localServer.getShareNotificationMtaAuthAccount();
                String shareNotificationMtaAuthPassword = localServer.getShareNotificationMtaAuthPassword();
                if (shareNotificationMtaAuthAccount == null || shareNotificationMtaAuthPassword == null) {
                    ZimbraLog.smtp.warn("zimbraShareNotificationMtaAuthRequired is enabled but account or password is unset");
                } else {
                    javaMailSessionProperties.setProperty("mail.smtp.auth", "" + isShareNotificationMtaAuthRequired);
                    javaMailSessionProperties.setProperty("mail.smtp.sasl.enable", "" + isShareNotificationMtaAuthRequired);
                    smtpAuthenticator = new SmtpAuthenticator(shareNotificationMtaAuthAccount, shareNotificationMtaAuthPassword);
                }
            }
            if (z) {
                javaMailSessionProperties.setProperty("mail.smtp.starttls.enable", "" + z);
            }
            Session session = smtpAuthenticator == null ? Session.getInstance(javaMailSessionProperties) : Session.getInstance(javaMailSessionProperties, smtpAuthenticator);
            setProviders(session);
            if (LC.javamail_smtp_debug.booleanValue()) {
                session.setDebug(true);
            }
            return session;
        } catch (ServiceException e) {
            throw new MessagingException("Unable to identify local server", e);
        }
    }

    private static Properties getJavaMailSessionProperties(Server server, Domain domain) throws MessagingException {
        String str;
        try {
            String randomSmtpHost = getRandomSmtpHost(domain);
            if (randomSmtpHost == null) {
                str = "No SMTP hosts available";
                throw new MessagingException(domain != null ? str + " for domain " + domain.getName() : "No SMTP hosts available");
            }
            Properties properties = new Properties(sSession.getProperties());
            properties.setProperty("mail.smtp.host", randomSmtpHost);
            properties.setProperty("mail.smtp.port", getValue(server, domain, "zimbraSmtpPort"));
            properties.setProperty("mail.smtp.localhost", LC.zimbra_server_hostname.value());
            String value = getValue(server, domain, "zimbraSmtpTimeout");
            String l = Long.toString((value == null ? 60L : Long.parseLong(value)) * 1000);
            properties.setProperty("mail.smtp.connectiontimeout", l);
            properties.setProperty("mail.smtp.timeout", l);
            Boolean valueOf = Boolean.valueOf(Boolean.parseBoolean(getValue(server, domain, "zimbraSmtpSendPartial")));
            properties.setProperty(SMTP_SEND_PARTIAL_PROPERTY, valueOf.toString());
            properties.setProperty(SMTPS_SEND_PARTIAL_PROPERTY, valueOf.toString());
            if (domain != null) {
                properties.setProperty("mail.host", domain.getName());
            }
            return properties;
        } catch (ServiceException e) {
            throw new MessagingException("Unable to initialize JavaMail session", e);
        }
    }

    public static void addOAuth2Properties(String str, Properties properties, String str2) {
        HashMap hashMap = new HashMap();
        addOAuth2Properties(str, hashMap, str2);
        properties.putAll(hashMap);
    }

    public static void addOAuth2Properties(String str, Map<String, String> map, String str2) {
        map.put("mail." + str2 + ".ssl.enable", "true");
        map.put("mail." + str2 + ".sasl.enable", "true");
        map.put("mail." + str2 + ".sasl.mechanisms", SaslAuthenticator.XOAUTH2);
        map.put("mail." + str2 + ".auth.login.disable", "true");
        map.put("mail." + str2 + ".auth.plain.disable", "true");
        map.put("mail." + str2 + ".sasl.mechanisms.oauth2.oauthToken", str);
    }

    private static String getValue(Server server, Domain domain, String str) {
        String str2 = null;
        if (domain != null) {
            str2 = domain.getAttr(str);
        }
        return StringUtil.isNullOrEmpty(str2) ? server.getAttr(str) : str2;
    }

    public static void resetSmtpHosts() {
        ZimbraLog.smtp.debug("Resetting bad SMTP hosts.");
        sBadSmtpHosts.clear();
    }

    private static String getRandomSmtpHost(Domain domain) throws ServiceException {
        List<String> smtpHosts = getSmtpHosts(domain);
        if (smtpHosts.size() > 0) {
            return smtpHosts.get(0);
        }
        return null;
    }

    private static boolean isHostBad(String str) {
        if (str != null) {
            str = str.toLowerCase();
        }
        boolean containsKey = sBadSmtpHosts.containsKey(str);
        if (containsKey) {
            ZimbraLog.smtp.debug("List of bad SMTP hosts contains '%s'", new Object[]{str});
        }
        return containsKey;
    }

    public static List<String> getSmtpHosts(Domain domain) throws ServiceException {
        ArrayList arrayList = new ArrayList();
        for (String str : lookupSmtpHosts(domain)) {
            if (!isHostBad(str)) {
                arrayList.add(str);
            }
        }
        Collections.shuffle(arrayList);
        return arrayList;
    }

    public static void markSmtpHostBad(String str) {
        if (str == null) {
            return;
        }
        ZimbraLog.smtp.info("Disallowing connections to %s for %d milliseconds.", new Object[]{str, Integer.valueOf(LC.smtp_host_retry_millis.intValue())});
        sBadSmtpHosts.put(str.toLowerCase(), null);
    }

    private static String[] lookupSmtpHosts(Domain domain) throws ServiceException {
        String[] strArr = NO_HOSTS;
        if (domain != null) {
            strArr = domain.getSmtpHostname();
        }
        if (strArr.length > 0) {
            if (ZimbraLog.smtp.isDebugEnabled()) {
                Log log = ZimbraLog.smtp;
                Object[] objArr = new Object[3];
                objArr[0] = domain == null ? "<null>" : domain.getName();
                objArr[1] = Integer.valueOf(strArr.length);
                objArr[2] = Joiner.on(',').join(strArr);
                log.debug("lookupSmtpHosts domain=%s has %s SMTP hostnames configured - %s", objArr);
            }
            return strArr;
        }
        Server localServer = Provisioning.getInstance().getLocalServer();
        String[] smtpHostname = localServer.getSmtpHostname();
        if (ZimbraLog.smtp.isDebugEnabled()) {
            Log log2 = ZimbraLog.smtp;
            Object[] objArr2 = new Object[4];
            objArr2[0] = domain == null ? "<null>" : domain.getName();
            objArr2[1] = Integer.valueOf(smtpHostname.length);
            objArr2[2] = Joiner.on(',').join(smtpHostname);
            objArr2[3] = localServer.getName();
            log2.debug("lookupSmtpHosts domain=%s has %s SMTP hostnames configured - %s. [via server %s]", objArr2);
        }
        return smtpHostname;
    }

    static {
        $assertionsDisabled = !JMSession.class.desiredAssertionStatus();
        System.setProperty("mail.mime.base64.ignoreerrors", "true");
        try {
            Security.addProvider(new OAuth2Provider(Provisioning.getInstance().getLocalServer().getServerVersionMajor()));
        } catch (ServiceException e) {
            ZimbraLog.smtp.warn("Exception in getting zimbra server version", e);
            Security.addProvider(new OAuth2Provider(1));
        }
        Properties properties = new Properties();
        properties.setProperty("mail.mime.address.strict", "false");
        sSession = Session.getInstance(properties);
        setProviders(sSession);
        sBadSmtpHosts = Collections.synchronizedMap(new TimeoutMap(LC.smtp_host_retry_millis.intValue()));
        NO_HOSTS = new String[0];
    }
}
