package org.filesys.server.auth.passthru;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.StringTokenizer;
import org.filesys.debug.Debug;
import org.filesys.server.SessionListener;
import org.filesys.server.SrvSession;
import org.filesys.server.auth.AuthContext;
import org.filesys.server.auth.ClientInfo;
import org.filesys.server.auth.ISMBAuthenticator;
import org.filesys.server.auth.NTLanManAuthContext;
import org.filesys.server.auth.SMBAuthenticator;
import org.filesys.server.auth.SecurityBlob;
import org.filesys.server.auth.UserAccount;
import org.filesys.server.auth.ntlm.NTLM;
import org.filesys.server.auth.ntlm.NTLMMessage;
import org.filesys.server.auth.ntlm.StringTargetInfo;
import org.filesys.server.auth.ntlm.TargetInfo;
import org.filesys.server.auth.ntlm.Type1NTLMMessage;
import org.filesys.server.auth.ntlm.Type2NTLMMessage;
import org.filesys.server.auth.ntlm.Type3NTLMMessage;
import org.filesys.server.auth.spnego.NegTokenInit;
import org.filesys.server.auth.spnego.NegTokenTarg;
import org.filesys.server.auth.spnego.OID;
import org.filesys.server.auth.spnego.SPNEGO;
import org.filesys.server.config.InvalidConfigurationException;
import org.filesys.server.config.ServerConfiguration;
import org.filesys.server.core.NoPooledMemoryException;
import org.filesys.server.core.ShareType;
import org.filesys.server.core.SharedDevice;
import org.filesys.smb.Protocol;
import org.filesys.smb.SMBStatus;
import org.filesys.smb.server.SMBConfigSection;
import org.filesys.smb.server.SMBServer;
import org.filesys.smb.server.SMBSrvException;
import org.filesys.smb.server.SMBSrvPacket;
import org.filesys.smb.server.SMBSrvSession;
import org.filesys.smb.server.SMBV1Parser;
import org.filesys.smb.server.SetupObjectType;
import org.filesys.smb.server.VirtualCircuit;
import org.filesys.util.DataPacker;
import org.filesys.util.HexDump;
import org.springframework.extensions.config.ConfigElement;

/* loaded from: input_file:org/filesys/server/auth/passthru/PassthruAuthenticator.class */
public class PassthruAuthenticator extends SMBAuthenticator implements SessionListener {
    public static final int DefaultSessionTmo = 5000;
    public static final int MinSessionTmo = 2000;
    public static final int MaxSessionTmo = 30000;
    public static final int MinCheckInterval = 10;
    public static final int MaxCheckInterval = 900;
    public static final long PassthruKeepAliveInterval = 60000;
    private static final int NTLM_FLAGS = -1610612095;
    private PassthruServers m_passthruServers;
    private SMBServer m_server;
    private Hashtable m_sessions = new Hashtable();

    public PassthruAuthenticator() {
        setExtendedSecurity(true);
    }

    @Override // org.filesys.server.auth.SMBAuthenticator, org.filesys.server.auth.ISMBAuthenticator
    public ISMBAuthenticator.ShareStatus authenticateShareConnect(ClientInfo clientInfo, SharedDevice sharedDevice, String str, SrvSession srvSession) {
        if (getAccessMode() != ISMBAuthenticator.AuthMode.SHARE && sharedDevice.getType() != ShareType.ADMINPIPE) {
            UserAccount userAccount = null;
            if (clientInfo != null) {
                userAccount = getUserDetails(clientInfo.getUserName());
            }
            return userAccount == null ? allowGuest() ? ISMBAuthenticator.ShareStatus.WRITEABLE : ISMBAuthenticator.ShareStatus.NO_ACCESS : !userAccount.hasShare(sharedDevice.getName()) ? ISMBAuthenticator.ShareStatus.NO_ACCESS : ISMBAuthenticator.ShareStatus.WRITEABLE;
        }
        return ISMBAuthenticator.ShareStatus.WRITEABLE;
    }

    public ISMBAuthenticator.AuthStatus authenticateUser(ClientInfo clientInfo, SrvSession srvSession, int i) {
        if (clientInfo.isNullSession()) {
            if (hasDebug()) {
                Debug.println("Null CIFS logon allowed");
            }
            return ISMBAuthenticator.AuthStatus.AUTHENTICATED;
        }
        ISMBAuthenticator.AuthStatus authStatus = ISMBAuthenticator.AuthStatus.DISALLOW;
        if (clientInfo.isGuest() || clientInfo.getUserName().equalsIgnoreCase(getGuestUserName())) {
            if (!allowGuest()) {
                return ISMBAuthenticator.AuthStatus.DISALLOW;
            }
            doGuestLogon(clientInfo, srvSession);
            ISMBAuthenticator.AuthStatus authStatus2 = ISMBAuthenticator.AuthStatus.GUEST_LOGON;
            if (hasDebug()) {
                Debug.println("Authenticated user " + clientInfo.getUserName() + " sts=" + authStatus2.name());
            }
            return authStatus2;
        }
        PassthruDetails passthruDetails = (PassthruDetails) this.m_sessions.get(srvSession.getUniqueId());
        if (passthruDetails != null) {
            try {
                AuthenticateSession authenticateSession = passthruDetails.getAuthenticateSession();
                authenticateSession.doSessionSetup(clientInfo.getUserName(), clientInfo.getANSIPassword(), clientInfo.getPassword());
                if (!authenticateSession.isGuest()) {
                    authStatus = ISMBAuthenticator.AuthStatus.AUTHENTICATED;
                    if (hasDebug()) {
                        Debug.println("Passthru authenticate user=" + clientInfo.getUserName() + ", FULL");
                    }
                } else if (allowGuest()) {
                    doGuestLogon(clientInfo, srvSession);
                    authStatus = ISMBAuthenticator.AuthStatus.GUEST_LOGON;
                    if (hasDebug()) {
                        Debug.println("Passthru authenticate user=" + clientInfo.getUserName() + ", GUEST");
                    }
                }
            } catch (Exception e) {
                Debug.println(e.getMessage());
            }
            if (!(srvSession instanceof SMBSrvSession)) {
                this.m_sessions.remove(srvSession.getUniqueId());
                try {
                    AuthenticateSession authenticateSession2 = passthruDetails.getAuthenticateSession();
                    authenticateSession2.CloseSession();
                    if (hasDebug()) {
                        Debug.println("Closed auth session, sessId=" + authenticateSession2.getSessionId());
                    }
                } catch (Exception e2) {
                    Debug.println("Passthru error closing session (auth user) " + e2.getMessage());
                }
            }
        } else if (hasDebug()) {
            Debug.println("  No PassthruDetails for " + srvSession.getUniqueId());
        }
        return authStatus;
    }

    @Override // org.filesys.server.auth.SMBAuthenticator, org.filesys.server.auth.ISMBAuthenticator
    public AuthContext getAuthContext(SMBSrvSession sMBSrvSession) {
        if (this.m_server == null && (sMBSrvSession instanceof SMBSrvSession)) {
            this.m_server = sMBSrvSession.getSMBServer();
            this.m_server.addSessionListener(this);
        }
        NTLanManAuthContext nTLanManAuthContext = null;
        try {
            AuthenticateSession openSession = this.m_passthruServers.openSession();
            if (openSession != null) {
                this.m_sessions.put(sMBSrvSession.getUniqueId(), new PassthruDetails(sMBSrvSession, openSession));
                nTLanManAuthContext = new NTLanManAuthContext(openSession.getEncryptionKey());
                sMBSrvSession.setAuthenticationContext(nTLanManAuthContext);
                if (hasDebug()) {
                    Debug.println("Passthru sessId=" + openSession.getSessionId() + ", auth ctx=" + String.valueOf(nTLanManAuthContext));
                }
            }
        } catch (Exception e) {
            Debug.println("Passthru error getting challenge " + e.getMessage());
        }
        return nTLanManAuthContext;
    }

    @Override // org.filesys.server.auth.SMBAuthenticator, org.filesys.server.auth.ISMBAuthenticator
    public void processSessionSetup(SMBSrvSession sMBSrvSession, SMBSrvPacket sMBSrvPacket) throws SMBSrvException {
        byte[] doSpnegoSessionSetup;
        int disconnectClientSessions;
        SMBV1Parser sMBV1Parser = (SMBV1Parser) sMBSrvPacket.getParser();
        if (!sMBV1Parser.checkPacketIsValid(12, 0)) {
            throw new SMBSrvException(SMBStatus.NTInvalidParameter, 1, 2);
        }
        if (sMBV1Parser.getParameterCount() == 13) {
            super.processSessionSetup(sMBSrvSession, sMBSrvPacket);
            return;
        }
        int parameter = sMBV1Parser.getParameter(2);
        int parameter2 = sMBV1Parser.getParameter(3);
        int parameter3 = sMBV1Parser.getParameter(4);
        int parameter4 = sMBV1Parser.getParameter(7);
        int parameterLong = sMBV1Parser.getParameterLong(10);
        int byteOffset = sMBV1Parser.getByteOffset();
        byte[] buffer = sMBV1Parser.getBuffer();
        boolean isUnicode = sMBV1Parser.isUnicode();
        sMBV1Parser.setPosition(byteOffset + parameter4);
        String str = "";
        if (sMBV1Parser.hasMoreData()) {
            str = sMBV1Parser.unpackString(isUnicode);
            if (str == null) {
                throw new SMBSrvException(SMBStatus.NTInvalidParameter, 1, 2);
            }
        }
        String str2 = "";
        if (sMBV1Parser.hasMoreData()) {
            str2 = sMBV1Parser.unpackString(isUnicode);
            if (str2 == null) {
                throw new SMBSrvException(SMBStatus.NTInvalidParameter, 1, 2);
            }
        }
        sMBSrvSession.setClientMaximumBufferSize(parameter != 0 ? parameter : 65540);
        sMBSrvSession.setClientMaximumMultiplex(parameter2);
        sMBSrvSession.setClientCapabilities(parameterLong);
        ClientInfo createInfo = ClientInfo.createInfo("", null);
        createInfo.setDomain(str);
        createInfo.setOperatingSystem(str2);
        createInfo.setLogonType(ClientInfo.LogonType.Normal);
        if (sMBSrvSession.hasRemoteAddress()) {
            createInfo.setClientAddress(sMBSrvSession.getRemoteAddress().getHostAddress());
        }
        createInfo.setProcessId(sMBV1Parser.getProcessId());
        Object setupObject = sMBSrvSession.getSetupObject(createInfo.getProcessId(), SetupObjectType.Type2Message);
        boolean z = false;
        try {
            if (parameter4 >= NTLM.Signature.length) {
                int i = 0;
                while (i < NTLM.Signature.length && buffer[byteOffset + i] == NTLM.Signature[i]) {
                    i++;
                }
                if (i == NTLM.Signature.length) {
                    z = true;
                }
            }
            if (z) {
                if (hasDebug()) {
                    Debug.println("NT Session setup NTLMSSP, MID=" + sMBV1Parser.getMultiplexId() + ", UID=" + sMBV1Parser.getUserId() + ", PID=" + sMBV1Parser.getProcessId());
                }
                doSpnegoSessionSetup = doNtlmsspSessionSetup(sMBSrvSession, createInfo, buffer, byteOffset, parameter4, isUnicode);
            } else {
                doSpnegoSessionSetup = doSpnegoSessionSetup(sMBSrvSession, createInfo, buffer, byteOffset, parameter4, isUnicode);
            }
            if (sMBSrvSession.hasDebug(SMBSrvSession.Dbg.NEGOTIATE)) {
                if (doSpnegoSessionSetup == null) {
                    Debug.println("[SMB] User " + createInfo.getUserName() + " logged on " + (createInfo != null ? " (type " + createInfo.getLogonTypeString() + ")" : ""));
                } else {
                    Debug.println("[SMB] Two stage logon (" + (z ? "NTLMSSP" : "SPNEGO") + ")");
                }
            }
            if (sMBSrvSession.getClientInformation() == null || sMBSrvSession.getClientInformation().getUserName().length() == 0) {
                sMBSrvSession.setClientInformation(createInfo);
            }
            int length = doSpnegoSessionSetup != null ? doSpnegoSessionSetup.length : 0;
            boolean z2 = false;
            if (z || sMBSrvSession.hasSetupObject(createInfo.getProcessId(), SetupObjectType.Type2Message) || setupObject != null) {
                if (sMBSrvSession.hasSetupObject(createInfo.getProcessId(), SetupObjectType.Type2Message)) {
                    sMBV1Parser.setLongErrorCode(SMBStatus.NTMoreProcessingRequired);
                } else {
                    sMBV1Parser.setLongErrorCode(0);
                    z2 = true;
                }
                sMBV1Parser.setParameterCount(4);
                int i2 = length + 100;
                if (i2 > sMBV1Parser.getAvailableLength()) {
                    try {
                        SMBSrvPacket allocatePacket = sMBSrvSession.getPacketPool().allocatePacket(sMBV1Parser.getByteOffset() + i2, sMBSrvPacket);
                        allocatePacket.setParser(SMBSrvPacket.Version.V1);
                        sMBV1Parser = (SMBV1Parser) allocatePacket.getParser();
                    } catch (NoPooledMemoryException e) {
                        if (hasDebug()) {
                            Debug.println("Authenticator failed to allocate packet from pool, reqSiz=" + (sMBV1Parser.getByteOffset() + length));
                        }
                        throw new SMBSrvException(SMBStatus.NTInvalidParameter, 83, 2);
                    }
                }
                sMBV1Parser.setParameter(0, 255);
                sMBV1Parser.setParameter(1, 0);
                sMBV1Parser.setParameter(2, 0);
                sMBV1Parser.setParameter(3, length);
            } else {
                sMBV1Parser.setLongErrorCode(0);
                sMBV1Parser.setParameterCount(12);
                sMBV1Parser.setParameter(0, 255);
                sMBV1Parser.setParameter(1, 0);
                sMBV1Parser.setParameter(2, 65540);
                sMBV1Parser.setParameter(3, 4);
                sMBV1Parser.setParameter(4, 0);
                sMBV1Parser.setParameterLong(5, 0);
                sMBV1Parser.setParameter(7, length);
                sMBV1Parser.setParameterLong(8, 0);
                sMBV1Parser.setParameterLong(10, getServerCapabilities());
                z2 = true;
            }
            int i3 = 0;
            if (z2) {
                if (parameter3 == 0 && hasSessionCleanup() && (disconnectClientSessions = sMBSrvSession.disconnectClientSessions()) > 0 && sMBSrvSession.hasDebug(SMBSrvSession.Dbg.NEGOTIATE)) {
                    Debug.println("[SMB] Disconnected " + disconnectClientSessions + " existing sessions from client, sess=" + String.valueOf(sMBSrvSession));
                }
                sMBSrvSession.removeAllSetupObjects(createInfo.getProcessId());
                VirtualCircuit virtualCircuit = new VirtualCircuit(parameter3, createInfo);
                i3 = sMBSrvSession.addVirtualCircuit(virtualCircuit);
                if (i3 == -1) {
                    if (hasDebug() && sMBSrvSession.hasDebug(SMBSrvSession.Dbg.NEGOTIATE)) {
                        Debug.println("Failed to allocate UID for virtual circuit, " + String.valueOf(virtualCircuit));
                    }
                    throw new SMBSrvException(SMBStatus.NTLogonFailure, 5, 1);
                }
                if (hasDebug() && sMBSrvSession.hasDebug(SMBSrvSession.Dbg.NEGOTIATE)) {
                    Debug.println("Allocated UID=" + i3 + " for VC=" + String.valueOf(virtualCircuit));
                }
            }
            sMBV1Parser.setCommand(sMBV1Parser.getCommand());
            sMBV1Parser.setByteCount(0);
            sMBV1Parser.setTreeId(0);
            sMBV1Parser.setUserId(i3);
            sMBV1Parser.setFlags(sMBV1Parser.getFlags() & (-9));
            int i4 = 18433;
            if (isUnicode) {
                i4 = 18433 + 32768;
            }
            sMBV1Parser.setFlags2(i4);
            int byteOffset2 = sMBV1Parser.getByteOffset();
            byte[] buffer2 = sMBV1Parser.getBuffer();
            if (doSpnegoSessionSetup != null) {
                System.arraycopy(doSpnegoSessionSetup, 0, buffer2, byteOffset2, doSpnegoSessionSetup.length);
                byteOffset2 += doSpnegoSessionSetup.length;
            }
            if (isUnicode) {
                byteOffset2 = DataPacker.wordAlign(byteOffset2);
            }
            sMBV1Parser.setByteCount(DataPacker.putString(sMBSrvSession.getSMBServer().getSMBConfiguration().getDomainName(), buffer2, DataPacker.putString("Java File Server " + sMBSrvSession.getServer().isVersion(), buffer2, DataPacker.putString("Java", buffer2, byteOffset2, true, isUnicode), true, isUnicode), true, isUnicode) - sMBV1Parser.getByteOffset());
        } catch (SMBSrvException e2) {
            sMBSrvSession.removeAllSetupObjects(createInfo.getProcessId());
            throw e2;
        }
    }

    @Override // org.filesys.server.auth.SMBAuthenticator, org.filesys.server.auth.ISMBAuthenticator
    public ISMBAuthenticator.AuthStatus processSecurityBlob(SMBSrvSession sMBSrvSession, ClientInfo clientInfo, SecurityBlob securityBlob) throws SMBSrvException {
        return ISMBAuthenticator.AuthStatus.DISALLOW;
    }

    private final byte[] doNtlmsspSessionSetup(SMBSrvSession sMBSrvSession, ClientInfo clientInfo, byte[] bArr, int i, int i2, boolean z) throws SMBSrvException {
        NTLMMessage.Type isNTLMType = NTLMMessage.isNTLMType(bArr, i);
        byte[] bArr2 = null;
        if (isNTLMType == NTLMMessage.Type.Invalid) {
            if (hasDebug()) {
                Debug.println("Invalid NTLMSSP token received");
                Debug.println("  Token=" + HexDump.hexString(bArr, i, i2, " "));
            }
            throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
        }
        if (isNTLMType == NTLMMessage.Type.Negotiate) {
            int flags = new Type1NTLMMessage(bArr, i, i2).getFlags() & NTLM_FLAGS;
            NTLanManAuthContext nTLanManAuthContext = (NTLanManAuthContext) getAuthContext(sMBSrvSession);
            if (nTLanManAuthContext == null) {
                throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
            }
            String serverName = sMBSrvSession.getSMBServer().getServerName();
            ArrayList arrayList = new ArrayList();
            arrayList.add(new StringTargetInfo(TargetInfo.Type.DOMAIN, serverName));
            arrayList.add(new StringTargetInfo(TargetInfo.Type.SERVER, sMBSrvSession.getServerName()));
            arrayList.add(new StringTargetInfo(TargetInfo.Type.DNS_DOMAIN, serverName));
            arrayList.add(new StringTargetInfo(TargetInfo.Type.FULL_DNS, serverName));
            Type2NTLMMessage type2NTLMMessage = new Type2NTLMMessage();
            type2NTLMMessage.buildType2(-1065221627, serverName, nTLanManAuthContext.getChallenge(), null, arrayList);
            sMBSrvSession.setSetupObject(clientInfo.getProcessId(), type2NTLMMessage, SetupObjectType.Type2Message);
            bArr2 = type2NTLMMessage.getBytes();
        } else if (isNTLMType == NTLMMessage.Type.Authenticate) {
            Type3NTLMMessage type3NTLMMessage = new Type3NTLMMessage(bArr, i, i2, z);
            if (sMBSrvSession.hasSetupObject(clientInfo.getProcessId(), SetupObjectType.Type2Message)) {
                sMBSrvSession.removeAllSetupObjects(clientInfo.getProcessId());
                throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
            }
            if (type3NTLMMessage.hasFlag(536870912) && type3NTLMMessage.hasFlag(524288)) {
                if (hasDebug()) {
                    Debug.println("Received NTLMSSP/NTLMv2, not supported");
                }
                throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
            }
            doNTLMv1Logon(sMBSrvSession, clientInfo, type3NTLMMessage);
            if (hasDebug()) {
                Debug.println("Logged on using NTLMSSP/NTLMv1");
            }
        }
        return bArr2;
    }

    private final void doNTLMv1Logon(SMBSrvSession sMBSrvSession, ClientInfo clientInfo, Type3NTLMMessage type3NTLMMessage) throws SMBSrvException {
        String userName = type3NTLMMessage.getUserName();
        if (userName.length() == 0) {
            if (hasDebug()) {
                Debug.println("Null logon");
            }
            clientInfo.setLogonType(ClientInfo.LogonType.Null);
            return;
        }
        PassthruDetails passthruDetails = (PassthruDetails) this.m_sessions.get(sMBSrvSession.getUniqueId());
        if (passthruDetails == null) {
            if (hasDebug()) {
                Debug.println("  No PassthruDetails for " + sMBSrvSession.getUniqueId());
            }
            throw new SMBSrvException(6, SMBStatus.NTLogonFailure);
        }
        try {
            try {
                AuthenticateSession authenticateSession = passthruDetails.getAuthenticateSession();
                authenticateSession.doSessionSetup(userName, type3NTLMMessage.getLMHash(), type3NTLMMessage.getNTLMHash());
                if (!authenticateSession.isGuest()) {
                    clientInfo.setLogonType(ClientInfo.LogonType.Normal);
                    if (hasDebug()) {
                        Debug.println("Passthru authenticate user=" + userName + ", FULL");
                    }
                } else if (allowGuest()) {
                    doGuestLogon(clientInfo, sMBSrvSession);
                    if (hasDebug()) {
                        Debug.println("Passthru authenticate user=" + userName + ", GUEST");
                    }
                }
                clientInfo.setDomain(type3NTLMMessage.getDomain());
                clientInfo.setUserName(userName);
                this.m_sessions.remove(sMBSrvSession.getUniqueId());
                try {
                    AuthenticateSession authenticateSession2 = passthruDetails.getAuthenticateSession();
                    authenticateSession2.CloseSession();
                    if (hasDebug()) {
                        Debug.println("Closed auth session, sessId=" + authenticateSession2.getSessionId());
                    }
                } catch (Exception e) {
                    Debug.println("Passthru error closing session (auth user) " + e.getMessage());
                }
            } catch (Exception e2) {
                Debug.println(e2.getMessage());
                throw new SMBSrvException(6, SMBStatus.NTLogonFailure);
            }
        } catch (Throwable th) {
            this.m_sessions.remove(sMBSrvSession.getUniqueId());
            try {
                AuthenticateSession authenticateSession3 = passthruDetails.getAuthenticateSession();
                authenticateSession3.CloseSession();
                if (hasDebug()) {
                    Debug.println("Closed auth session, sessId=" + authenticateSession3.getSessionId());
                }
            } catch (Exception e3) {
                Debug.println("Passthru error closing session (auth user) " + e3.getMessage());
            }
            throw th;
        }
    }

    private final byte[] doSpnegoSessionSetup(SMBSrvSession sMBSrvSession, ClientInfo clientInfo, byte[] bArr, int i, int i2, boolean z) throws SMBSrvException {
        NegTokenTarg negTokenTarg;
        int i3 = -1;
        try {
            i3 = SPNEGO.checkTokenType(bArr, i, i2);
        } catch (IOException e) {
        }
        if (i3 == 1 && sMBSrvSession.hasSetupObject(clientInfo.getProcessId(), SetupObjectType.Type2Message)) {
            NegTokenTarg negTokenTarg2 = new NegTokenTarg();
            try {
                negTokenTarg2.decode(bArr, i, i2);
                byte[] responseToken = negTokenTarg2.getResponseToken();
                byte[] doNtlmsspSessionSetup = doNtlmsspSessionSetup(sMBSrvSession, clientInfo, responseToken, 0, responseToken.length, z);
                SPNEGO.Result result = SPNEGO.Result.AcceptCompleted;
                if (sMBSrvSession.hasSetupObject(clientInfo.getProcessId(), SetupObjectType.Type2Message)) {
                    result = SPNEGO.Result.AcceptIncomplete;
                }
                negTokenTarg = new NegTokenTarg(result, null, doNtlmsspSessionSetup);
            } catch (IOException e2) {
                if (hasDebug()) {
                    Debug.println("Passthru error on session startup: " + e2.getMessage());
                }
                throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
            }
        } else {
            if (i3 != 0) {
                if (hasDebug()) {
                    Debug.println("Unknown SPNEGO token type");
                }
                throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
            }
            NegTokenInit negTokenInit = new NegTokenInit();
            try {
                negTokenInit.decode(bArr, i, i2);
                String str = null;
                if (negTokenInit.numberOfOids() > 0) {
                    str = negTokenInit.getOidAt(0).toString();
                }
                if (str == null || !str.equals(OID.ID_NTLMSSP)) {
                    if (hasDebug()) {
                        Debug.println("No matching authentication OID found");
                        Debug.println("  " + negTokenInit.toString());
                    }
                    throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
                }
                byte[] mechtoken = negTokenInit.getMechtoken();
                byte[] doNtlmsspSessionSetup2 = doNtlmsspSessionSetup(sMBSrvSession, clientInfo, mechtoken, 0, mechtoken.length, z);
                SPNEGO.Result result2 = SPNEGO.Result.AcceptCompleted;
                if (sMBSrvSession.hasSetupObject(clientInfo.getProcessId(), SetupObjectType.Type2Message)) {
                    result2 = SPNEGO.Result.AcceptIncomplete;
                }
                negTokenTarg = new NegTokenTarg(result2, OID.NTLMSSP, doNtlmsspSessionSetup2);
            } catch (IOException e3) {
                if (hasDebug()) {
                    Debug.println("Passthru error on session startup: " + e3.getMessage());
                }
                throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
            }
        }
        try {
            return negTokenTarg.encode();
        } catch (IOException e4) {
            if (hasDebug()) {
                Debug.println("Failed to encode NegTokenTarg: " + e4.getMessage());
            }
            throw new SMBSrvException(SMBStatus.NTLogonFailure, 1, 5);
        }
    }

    @Override // org.filesys.server.auth.SMBAuthenticator
    public void initialize(ServerConfiguration serverConfiguration, ConfigElement configElement) throws InvalidConfigurationException {
        super.initialize(serverConfiguration, configElement);
        if (configElement.getChild("disableSessionCleanup") != null) {
            setSessionCleanup(false);
            if (hasDebug()) {
                Debug.println("[SMB] Disabled session cleanup (for virtual circuit zero logons)");
            }
        }
        ConfigElement child = configElement.getChild("protocolOrder");
        if (child != null) {
            StringTokenizer stringTokenizer = new StringTokenizer(child.getValue(), ",");
            int i = -1;
            int i2 = -1;
            if (stringTokenizer.countTokens() > 2) {
                throw new InvalidConfigurationException("Invalid protocol order list, " + child.getValue());
            }
            if (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (nextToken.equalsIgnoreCase("TCPIP")) {
                    i = 2;
                } else {
                    if (!nextToken.equalsIgnoreCase("NetBIOS")) {
                        throw new InvalidConfigurationException("Invalid protocol type, " + nextToken);
                    }
                    i = 1;
                }
                if (stringTokenizer.hasMoreTokens()) {
                    String nextToken2 = stringTokenizer.nextToken();
                    if (nextToken2.equalsIgnoreCase("TCPIP") && i != 2) {
                        i2 = 2;
                    } else {
                        if (!nextToken2.equalsIgnoreCase("NetBIOS") || i == 1) {
                            throw new InvalidConfigurationException("Invalid secondary protocol, " + nextToken2);
                        }
                        i2 = 1;
                    }
                }
            }
            AuthSessionFactory.setProtocolOrder(i, i2);
            if (hasDebug()) {
                Debug.println("Protocol order primary=" + Protocol.asString(i) + ", secondary=" + Protocol.asString(i2));
            }
        }
        ConfigElement child2 = configElement.getChild("offlineCheckInterval");
        if (child2 != null) {
            try {
                int parseInt = Integer.parseInt(child2.getValue());
                if (parseInt < 10 || parseInt > 900) {
                    throw new InvalidConfigurationException("Invalid offline check interval, valid range is 10 to 900");
                }
                this.m_passthruServers = new PassthruServers(parseInt);
                if (hasDebug()) {
                    Debug.println("Using offline check interval of " + parseInt + " seconds");
                }
            } catch (NumberFormatException e) {
                throw new InvalidConfigurationException("Invalid offline check interval specified");
            }
        } else {
            this.m_passthruServers = new PassthruServers();
        }
        if (hasDebug()) {
            this.m_passthruServers.setDebug(true);
        }
        ConfigElement child3 = configElement.getChild("Timeout");
        if (child3 != null) {
            try {
                int parseInt2 = Integer.parseInt(child3.getValue());
                if (parseInt2 < 2000 || parseInt2 > 30000) {
                    throw new InvalidConfigurationException("Invalid session timeout, valid range is 2000 to 30000");
                }
                this.m_passthruServers.setConnectionTimeout(parseInt2);
            } catch (NumberFormatException e2) {
                throw new InvalidConfigurationException("Invalid timeout value specified");
            }
        }
        String str = null;
        ConfigElement child4 = configElement.getChild("Server");
        if (child4 != null && child4.getValue().length() > 0) {
            if (0 != 0) {
                throw new InvalidConfigurationException("Set passthru server via local server or specify name");
            }
            str = child4.getValue();
        }
        if (str != null) {
            this.m_passthruServers.setServerList(str);
        } else {
            String str2 = null;
            ConfigElement child5 = configElement.getChild("Domain");
            if (child5 != null && child5.getValue().length() > 0) {
                if (str != null) {
                    throw new InvalidConfigurationException("Specify server or domain name for passthru authentication");
                }
                str2 = child5.getValue();
            }
            if (str2 != null) {
                try {
                    this.m_passthruServers.setDomain(str2);
                } catch (IOException e3) {
                    throw new InvalidConfigurationException("Failed to set domain, " + e3.getMessage());
                }
            }
        }
        if (this.m_passthruServers.getTotalServerCount() == 0) {
            throw new InvalidConfigurationException("No valid authentication servers found for passthru");
        }
        SMBServer sMBServer = (SMBServer) serverConfiguration.findServer(SMBConfigSection.SectionName);
        if (sMBServer != null) {
            sMBServer.addSessionListener(this);
        }
    }

    @Override // org.filesys.server.auth.SMBAuthenticator, org.filesys.server.auth.ISMBAuthenticator
    public int getServerCapabilities() {
        return -2147425540;
    }

    @Override // org.filesys.server.auth.SMBAuthenticator, org.filesys.server.auth.ISMBAuthenticator
    public void closeAuthenticator() {
        if (this.m_passthruServers != null) {
            this.m_passthruServers.shutdown();
        }
    }

    @Override // org.filesys.server.SessionListener
    public void sessionClosed(SrvSession srvSession) {
        PassthruDetails passthruDetails = (PassthruDetails) this.m_sessions.get(srvSession.getUniqueId());
        if (passthruDetails != null) {
            this.m_sessions.remove(srvSession.getUniqueId());
            try {
                AuthenticateSession authenticateSession = passthruDetails.getAuthenticateSession();
                authenticateSession.CloseSession();
                if (hasDebug()) {
                    Debug.println("Closed auth session, sessId=" + authenticateSession.getSessionId());
                }
            } catch (Exception e) {
                if (hasDebug()) {
                    Debug.println("Passthru error closing session (closed) " + e.getMessage());
                }
            }
        }
    }

    @Override // org.filesys.server.SessionListener
    public void sessionCreated(SrvSession srvSession) {
    }

    @Override // org.filesys.server.SessionListener
    public void sessionLoggedOn(SrvSession srvSession) {
        PassthruDetails passthruDetails = (PassthruDetails) this.m_sessions.get(srvSession.getUniqueId());
        if (passthruDetails != null) {
            this.m_sessions.remove(srvSession.getUniqueId());
            try {
                AuthenticateSession authenticateSession = passthruDetails.getAuthenticateSession();
                authenticateSession.CloseSession();
                if (hasDebug()) {
                    Debug.println("Closed auth session, sessId=" + authenticateSession.getSessionId());
                }
            } catch (Exception e) {
                if (hasDebug()) {
                    Debug.println("Passthru error closing session (logon) " + e.getMessage());
                }
            }
        }
    }
}
