package net.java.sip.communicator.impl.dns;

import java.awt.BorderLayout;
import java.awt.FlowLayout;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.UnknownHostException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.swing.BorderFactory;
import javax.swing.JButton;
import javax.swing.JLabel;
import javax.swing.JPanel;
import net.java.sip.communicator.plugin.desktoputil.SIPCommDialog;
import net.java.sip.communicator.plugin.desktoputil.TransparentPanel;
import net.java.sip.communicator.service.dns.CustomResolver;
import net.java.sip.communicator.service.dns.DnssecRuntimeException;
import net.java.sip.communicator.util.Logger;
import org.jitsi.dnssec.validator.ValidatingResolver;
import org.jitsi.service.configuration.ConfigurationService;
import org.jitsi.service.resources.ResourceManagementService;
import org.jitsi.util.StringUtils;
import org.xbill.DNS.ExtendedResolver;
import org.xbill.DNS.Lookup;
import org.xbill.DNS.Message;
import org.xbill.DNS.Resolver;
import org.xbill.DNS.SimpleResolver;
import org.xbill.DNS.Type;

/* loaded from: input_file:net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver.class */
public class ConfigurableDnssecResolver extends ValidatingResolver implements CustomResolver {
    private static final Logger logger = Logger.getLogger(ConfigurableDnssecResolver.class);
    public static final String PNAME_DNSSEC_VALIDATION_MODE = "net.java.sip.communicator.util.dns.DNSSEC_VALIDATION_MODE";
    public static final String PNAME_BASE_DNSSEC_PIN = "net.java.sip.communicator.util.dns.pin";
    static final String EVENT_TYPE = "DNSSEC_NOTIFICATION";
    private ConfigurationService config;
    private ResourceManagementService R;
    private Map<String, Date> lastNotifications;
    private ExtendedResolver headResolver;

    /* renamed from: net.java.sip.communicator.impl.dns.ConfigurableDnssecResolver$1, reason: invalid class name */
    /* loaded from: input_file:net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$net$java$sip$communicator$impl$dns$ConfigurableDnssecResolver$DnssecDialogResult = new int[DnssecDialogResult.values().length];

        static {
            try {
                $SwitchMap$net$java$sip$communicator$impl$dns$ConfigurableDnssecResolver$DnssecDialogResult[DnssecDialogResult.Accept.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$net$java$sip$communicator$impl$dns$ConfigurableDnssecResolver$DnssecDialogResult[DnssecDialogResult.Deny.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$net$java$sip$communicator$impl$dns$ConfigurableDnssecResolver$DnssecDialogResult[DnssecDialogResult.AlwaysAccept.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$net$java$sip$communicator$impl$dns$ConfigurableDnssecResolver$DnssecDialogResult[DnssecDialogResult.AlwaysDeny.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    /* loaded from: input_file:net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver$DnssecDialog.class */
    private class DnssecDialog extends SIPCommDialog implements ActionListener {
        private static final long serialVersionUID = 0;
        private JPanel pnlAdvanced;
        private JPanel pnlStandard;
        private final String domain;
        private final String reason;
        private JButton cmdAck;
        private JButton cmdShowDetails;
        private DnssecDialogResult result;

        public DnssecDialog(String str, String str2) {
            super(false);
            this.result = DnssecDialogResult.Deny;
            setModal(true);
            this.domain = str;
            this.reason = str2;
            initComponents();
        }

        private void initComponents() {
            setLayout(new BorderLayout(15, 15));
            setTitle(ConfigurableDnssecResolver.this.R.getI18NString("util.dns.INSECURE_ANSWER_TITLE"));
            JLabel jLabel = new JLabel(ConfigurableDnssecResolver.this.R.getImage("service.gui.icons.WARNING_ICON"));
            jLabel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
            add(jLabel, "West");
            add(new JLabel(ConfigurableDnssecResolver.this.R.getI18NString("util.dns.DNSSEC_WARNING", new String[]{ConfigurableDnssecResolver.this.R.getSettingsString("service.gui.APPLICATION_NAME"), this.domain})), "Center");
            this.cmdAck = new JButton(ConfigurableDnssecResolver.this.R.getI18NString("service.gui.OK"));
            this.cmdAck.addActionListener(this);
            this.cmdShowDetails = new JButton(ConfigurableDnssecResolver.this.R.getI18NString("util.dns.DNSSEC_ADVANCED_OPTIONS"));
            this.cmdShowDetails.addActionListener(this);
            this.pnlStandard = new TransparentPanel(new BorderLayout());
            this.pnlStandard.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
            this.pnlStandard.add(this.cmdShowDetails, "West");
            this.pnlStandard.add(this.cmdAck, "East");
            add(this.pnlStandard, "South");
            this.pnlAdvanced = new TransparentPanel(new BorderLayout());
            TransparentPanel transparentPanel = new TransparentPanel(new FlowLayout(2));
            transparentPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
            this.pnlAdvanced.add(transparentPanel, "East");
            for (DnssecDialogResult dnssecDialogResult : DnssecDialogResult.values()) {
                JButton jButton = new JButton(ConfigurableDnssecResolver.this.R.getI18NString("net.java.sip.communicator.util.dns.ConfigurableDnssecResolver$DnssecDialogResult." + dnssecDialogResult.name()));
                jButton.setActionCommand(dnssecDialogResult.name());
                jButton.addActionListener(this);
                transparentPanel.add(jButton);
            }
            JLabel jLabel2 = new JLabel(this.reason);
            jLabel2.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
            this.pnlAdvanced.add(jLabel2, "North");
        }

        public void actionPerformed(ActionEvent actionEvent) {
            if (actionEvent.getSource() == this.cmdAck) {
                this.result = DnssecDialogResult.Deny;
                dispose();
            } else if (actionEvent.getSource() != this.cmdShowDetails) {
                this.result = (DnssecDialogResult) Enum.valueOf(DnssecDialogResult.class, actionEvent.getActionCommand());
                dispose();
            } else {
                getContentPane().remove(this.pnlStandard);
                add(this.pnlAdvanced, "South");
                pack();
            }
        }

        public DnssecDialogResult getResult() {
            return this.result;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/java/sip/communicator/impl/dns/ConfigurableDnssecResolver$DnssecDialogResult.class */
    public enum DnssecDialogResult {
        Accept,
        Deny,
        AlwaysAccept,
        AlwaysDeny
    }

    public ConfigurableDnssecResolver(ExtendedResolver extendedResolver) {
        super(extendedResolver);
        this.config = DnsUtilActivator.getConfigurationService();
        this.R = DnsUtilActivator.getResources();
        this.lastNotifications = new HashMap();
        List<String> propertyNamesByPrefix = this.config.getPropertyNamesByPrefix("org.jitsi.dnssec", false);
        Properties properties = new Properties();
        for (String str : propertyNamesByPrefix) {
            String property = properties.getProperty(str);
            if (!StringUtils.isNullOrEmpty(property)) {
                properties.put(str, property);
            }
        }
        try {
            super.init(properties);
        } catch (IOException e) {
            logger.error("Extended dnssec properties contained an error", e);
        }
        this.headResolver = extendedResolver;
        reset();
        Lookup.setDefaultResolver(this);
        DnsUtilActivator.getNotificationService().registerDefaultNotificationForEvent(EVENT_TYPE, "PopupMessageAction", (String) null, (String) null);
    }

    public Message send(Message message) throws DnssecRuntimeException, IOException {
        SecureMessage secureMessage = new SecureMessage(super.send(message));
        String name = secureMessage.getQuestion().getName().toString();
        String string = Type.string(secureMessage.getQuestion().getType());
        String createPropNameUnsigned = createPropNameUnsigned(name, string);
        SecureResolveMode secureResolveMode = (SecureResolveMode) Enum.valueOf(SecureResolveMode.class, this.config.getString(PNAME_DNSSEC_VALIDATION_MODE, SecureResolveMode.WarnIfBogus.name()));
        SecureResolveMode secureResolveMode2 = (SecureResolveMode) Enum.valueOf(SecureResolveMode.class, this.config.getString(createPropNameUnsigned, secureResolveMode.name()));
        if (secureResolveMode2 == secureResolveMode) {
            this.config.setProperty(createPropNameUnsigned, secureResolveMode2.name());
        }
        if (secureResolveMode2 == SecureResolveMode.IgnoreDnssec || secureMessage.isSecure()) {
            return secureMessage;
        }
        if ((secureResolveMode2 == SecureResolveMode.SecureOnly && !secureMessage.isSecure()) || (secureResolveMode2 == SecureResolveMode.SecureOrUnsigned && secureMessage.isBogus())) {
            String exceptionMessage = getExceptionMessage(secureMessage);
            Date date = this.lastNotifications.get(exceptionMessage);
            if (date == null || date.before(new Date(new Date().getTime() - 300000))) {
                DnsUtilActivator.getNotificationService().fireNotification(EVENT_TYPE, this.R.getI18NString("util.dns.INSECURE_ANSWER_TITLE"), exceptionMessage, (byte[]) null);
                this.lastNotifications.put(exceptionMessage, new Date());
            }
            throw new DnssecRuntimeException(exceptionMessage);
        }
        if (secureResolveMode2 == SecureResolveMode.SecureOrUnsigned && !secureMessage.isBogus()) {
            return secureMessage;
        }
        if (secureResolveMode2 == SecureResolveMode.WarnIfBogus && !secureMessage.isBogus()) {
            return secureMessage;
        }
        DnssecDialog dnssecDialog = new DnssecDialog(name, secureMessage.isBogus() ? this.R.getI18NString("util.dns.DNSSEC_ADVANCED_REASON_BOGUS", new String[]{name, secureMessage.getBogusReason()}) : this.R.getI18NString("util.dns.DNSSEC_ADVANCED_REASON_UNSIGNED", new String[]{string, name}));
        dnssecDialog.setVisible(true);
        switch (AnonymousClass1.$SwitchMap$net$java$sip$communicator$impl$dns$ConfigurableDnssecResolver$DnssecDialogResult[dnssecDialog.getResult().ordinal()]) {
            case 2:
                throw new DnssecRuntimeException(getExceptionMessage(secureMessage));
            case 3:
                if (!secureMessage.isBogus()) {
                    this.config.setProperty(createPropNameUnsigned, SecureResolveMode.WarnIfBogus.name());
                    break;
                } else {
                    this.config.setProperty(createPropNameUnsigned, SecureResolveMode.IgnoreDnssec.name());
                    break;
                }
            case 4:
                this.config.setProperty(createPropNameUnsigned, SecureResolveMode.SecureOnly);
                throw new DnssecRuntimeException(getExceptionMessage(secureMessage));
        }
        return secureMessage;
    }

    private String getExceptionMessage(SecureMessage secureMessage) {
        return secureMessage.getBogusReason() == null ? this.R.getI18NString("util.dns.INSECURE_ANSWER_MESSAGE_NO_REASON", new String[]{secureMessage.getQuestion().getName().toString()}) : this.R.getI18NString("util.dns.INSECURE_ANSWER_MESSAGE_REASON", new String[]{secureMessage.getQuestion().getName().toString(), secureMessage.getBogusReason()});
    }

    private String createPropNameUnsigned(String str, String str2) {
        return "net.java.sip.communicator.util.dns.pin." + str.replace(".", "__");
    }

    public void reset() {
        String string = DnsUtilActivator.getConfigurationService().getString(DnsUtilActivator.PNAME_DNSSEC_NAMESERVERS);
        if (!StringUtils.isNullOrEmpty(string, true)) {
            if (logger.isTraceEnabled()) {
                logger.trace("Setting DNSSEC forwarders to: " + string);
            }
            synchronized (Lookup.class) {
                Lookup.refreshDefault();
                String[] split = string.split(",");
                for (Resolver resolver : this.headResolver.getResolvers()) {
                    this.headResolver.deleteResolver(resolver);
                }
                for (String str : split) {
                    try {
                        SimpleResolver simpleResolver = new SimpleResolver(str);
                        simpleResolver.setEDNS(0, 0, 32768, (List) null);
                        simpleResolver.setIgnoreTruncation(false);
                        this.headResolver.addResolver(simpleResolver);
                    } catch (UnknownHostException e) {
                        logger.error("Invalid forwarder, ignoring", e);
                    }
                }
                Lookup.setDefaultResolver(this);
            }
        }
        StringBuilder sb = new StringBuilder();
        int i = 1;
        while (true) {
            String settingsString = DnsUtilActivator.getResources().getSettingsString("net.java.sip.communicator.util.dns.DS_ROOT." + i);
            if (settingsString == null) {
                try {
                    break;
                } catch (IOException e2) {
                    logger.error("Could not load the trust anchors", e2);
                }
            } else {
                sb.append(settingsString);
                sb.append('\n');
                i++;
            }
        }
        super.loadTrustAnchors(new ByteArrayInputStream(sb.toString().getBytes("ASCII")));
        if (logger.isTraceEnabled()) {
            logger.trace("Loaded trust anchors " + sb.toString());
        }
    }
}
