package org.apache.zookeeper.server;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.Executors;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import org.apache.zookeeper.KeeperException;
import org.apache.zookeeper.common.X509Exception;
import org.apache.zookeeper.common.X509Util;
import org.apache.zookeeper.server.NettyServerCnxn;
import org.apache.zookeeper.server.auth.ProviderRegistry;
import org.apache.zookeeper.server.auth.X509AuthenticationProvider;
import org.jboss.netty.bootstrap.ServerBootstrap;
import org.jboss.netty.buffer.ChannelBuffer;
import org.jboss.netty.buffer.ChannelBuffers;
import org.jboss.netty.channel.Channel;
import org.jboss.netty.channel.ChannelFuture;
import org.jboss.netty.channel.ChannelFutureListener;
import org.jboss.netty.channel.ChannelHandler;
import org.jboss.netty.channel.ChannelHandlerContext;
import org.jboss.netty.channel.ChannelPipeline;
import org.jboss.netty.channel.ChannelPipelineFactory;
import org.jboss.netty.channel.ChannelStateEvent;
import org.jboss.netty.channel.Channels;
import org.jboss.netty.channel.ExceptionEvent;
import org.jboss.netty.channel.MessageEvent;
import org.jboss.netty.channel.SimpleChannelHandler;
import org.jboss.netty.channel.WriteCompletionEvent;
import org.jboss.netty.channel.group.ChannelGroup;
import org.jboss.netty.channel.group.DefaultChannelGroup;
import org.jboss.netty.channel.socket.nio.NioServerSocketChannelFactory;
import org.jboss.netty.handler.ssl.SslHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/zookeeper-3.5.3-beta.jar:org/apache/zookeeper/server/NettyServerCnxnFactory.class */
public class NettyServerCnxnFactory extends ServerCnxnFactory {
    private static final Logger LOG = LoggerFactory.getLogger(NettyServerCnxnFactory.class);
    Channel parentChannel;
    InetSocketAddress localAddress;
    boolean killed;
    ChannelGroup allChannels = new DefaultChannelGroup("zkServerCnxns");
    HashMap<InetAddress, Set<NettyServerCnxn>> ipMap = new HashMap<>();
    int maxClientCnxns = 60;
    CnxnChannelHandler channelHandler = new CnxnChannelHandler();
    ServerBootstrap bootstrap = new ServerBootstrap(new NioServerSocketChannelFactory(Executors.newCachedThreadPool(), Executors.newCachedThreadPool()));

    @ChannelHandler.Sharable
    /* loaded from: input_file:WEB-INF/lib/zookeeper-3.5.3-beta.jar:org/apache/zookeeper/server/NettyServerCnxnFactory$CnxnChannelHandler.class */
    class CnxnChannelHandler extends SimpleChannelHandler {

        /* loaded from: input_file:WEB-INF/lib/zookeeper-3.5.3-beta.jar:org/apache/zookeeper/server/NettyServerCnxnFactory$CnxnChannelHandler$CertificateVerifier.class */
        private final class CertificateVerifier implements ChannelFutureListener {
            private final SslHandler sslHandler;
            private final NettyServerCnxn cnxn;

            CertificateVerifier(SslHandler sslHandler, NettyServerCnxn nettyServerCnxn) {
                this.sslHandler = sslHandler;
                this.cnxn = nettyServerCnxn;
            }

            @Override // org.jboss.netty.channel.ChannelFutureListener
            public void operationComplete(ChannelFuture channelFuture) throws SSLPeerUnverifiedException {
                if (!channelFuture.isSuccess()) {
                    NettyServerCnxnFactory.LOG.error("Unsuccessful handshake with session 0x{}", Long.toHexString(this.cnxn.sessionId));
                    this.cnxn.close();
                    return;
                }
                NettyServerCnxnFactory.LOG.debug("Successful handshake with session 0x{}", Long.toHexString(this.cnxn.sessionId));
                this.cnxn.setClientCertificateChain(this.sslHandler.getEngine().getSession().getPeerCertificates());
                String property = System.getProperty("zookeeper.ssl.authProvider", "x509");
                X509AuthenticationProvider x509AuthenticationProvider = (X509AuthenticationProvider) ProviderRegistry.getProvider(property);
                if (x509AuthenticationProvider == null) {
                    NettyServerCnxnFactory.LOG.error("Auth provider not found: {}", property);
                    this.cnxn.close();
                } else if (KeeperException.Code.OK != x509AuthenticationProvider.handleAuthentication(this.cnxn, null)) {
                    NettyServerCnxnFactory.LOG.error("Authentication failed for session 0x{}", Long.toHexString(this.cnxn.sessionId));
                    this.cnxn.close();
                } else {
                    NettyServerCnxnFactory.this.allChannels.add(channelFuture.getChannel());
                    NettyServerCnxnFactory.this.addCnxn(this.cnxn);
                }
            }
        }

        CnxnChannelHandler() {
        }

        @Override // org.jboss.netty.channel.SimpleChannelHandler
        public void channelClosed(ChannelHandlerContext channelHandlerContext, ChannelStateEvent channelStateEvent) throws Exception {
            if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                NettyServerCnxnFactory.LOG.trace("Channel closed " + channelStateEvent);
            }
            NettyServerCnxnFactory.this.allChannels.remove(channelHandlerContext.getChannel());
        }

        @Override // org.jboss.netty.channel.SimpleChannelHandler
        public void channelConnected(ChannelHandlerContext channelHandlerContext, ChannelStateEvent channelStateEvent) throws Exception {
            if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                NettyServerCnxnFactory.LOG.trace("Channel connected " + channelStateEvent);
            }
            NettyServerCnxn nettyServerCnxn = new NettyServerCnxn(channelHandlerContext.getChannel(), NettyServerCnxnFactory.this.zkServer, NettyServerCnxnFactory.this);
            channelHandlerContext.setAttachment(nettyServerCnxn);
            if (NettyServerCnxnFactory.this.secure) {
                SslHandler sslHandler = (SslHandler) channelHandlerContext.getPipeline().get(SslHandler.class);
                sslHandler.handshake().addListener(new CertificateVerifier(sslHandler, nettyServerCnxn));
            } else {
                NettyServerCnxnFactory.this.allChannels.add(channelHandlerContext.getChannel());
                NettyServerCnxnFactory.this.addCnxn(nettyServerCnxn);
            }
        }

        @Override // org.jboss.netty.channel.SimpleChannelHandler
        public void channelDisconnected(ChannelHandlerContext channelHandlerContext, ChannelStateEvent channelStateEvent) throws Exception {
            if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                NettyServerCnxnFactory.LOG.trace("Channel disconnected " + channelStateEvent);
            }
            NettyServerCnxn nettyServerCnxn = (NettyServerCnxn) channelHandlerContext.getAttachment();
            if (nettyServerCnxn != null) {
                if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                    NettyServerCnxnFactory.LOG.trace("Channel disconnect caused close " + channelStateEvent);
                }
                nettyServerCnxn.close();
            }
        }

        @Override // org.jboss.netty.channel.SimpleChannelHandler
        public void exceptionCaught(ChannelHandlerContext channelHandlerContext, ExceptionEvent exceptionEvent) throws Exception {
            NettyServerCnxnFactory.LOG.warn("Exception caught " + exceptionEvent, exceptionEvent.getCause());
            NettyServerCnxn nettyServerCnxn = (NettyServerCnxn) channelHandlerContext.getAttachment();
            if (nettyServerCnxn != null) {
                if (NettyServerCnxnFactory.LOG.isDebugEnabled()) {
                    NettyServerCnxnFactory.LOG.debug("Closing " + nettyServerCnxn);
                }
                nettyServerCnxn.close();
            }
        }

        @Override // org.jboss.netty.channel.SimpleChannelHandler
        public void messageReceived(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent) throws Exception {
            if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                NettyServerCnxnFactory.LOG.trace("message received called " + messageEvent.getMessage());
            }
            try {
                if (NettyServerCnxnFactory.LOG.isDebugEnabled()) {
                    NettyServerCnxnFactory.LOG.debug("New message " + messageEvent.toString() + " from " + channelHandlerContext.getChannel());
                }
                NettyServerCnxn nettyServerCnxn = (NettyServerCnxn) channelHandlerContext.getAttachment();
                synchronized (nettyServerCnxn) {
                    processMessage(messageEvent, nettyServerCnxn);
                }
            } catch (Exception e) {
                NettyServerCnxnFactory.LOG.error("Unexpected exception in receive", e);
                throw e;
            }
        }

        private void processMessage(MessageEvent messageEvent, NettyServerCnxn nettyServerCnxn) {
            if (NettyServerCnxnFactory.LOG.isDebugEnabled()) {
                NettyServerCnxnFactory.LOG.debug(Long.toHexString(nettyServerCnxn.sessionId) + " queuedBuffer: " + nettyServerCnxn.queuedBuffer);
            }
            if (messageEvent instanceof NettyServerCnxn.ResumeMessageEvent) {
                NettyServerCnxnFactory.LOG.debug("Received ResumeMessageEvent");
                if (nettyServerCnxn.queuedBuffer != null) {
                    if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                        NettyServerCnxnFactory.LOG.trace("processing queue " + Long.toHexString(nettyServerCnxn.sessionId) + " queuedBuffer 0x" + ChannelBuffers.hexDump(nettyServerCnxn.queuedBuffer));
                    }
                    nettyServerCnxn.receiveMessage(nettyServerCnxn.queuedBuffer);
                    if (nettyServerCnxn.queuedBuffer.readable()) {
                        NettyServerCnxnFactory.LOG.debug("Processed queue - bytes remaining");
                    } else {
                        NettyServerCnxnFactory.LOG.debug("Processed queue - no bytes remaining");
                        nettyServerCnxn.queuedBuffer = null;
                    }
                } else {
                    NettyServerCnxnFactory.LOG.debug("queue empty");
                }
                nettyServerCnxn.channel.setReadable(true);
                return;
            }
            ChannelBuffer channelBuffer = (ChannelBuffer) messageEvent.getMessage();
            if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                NettyServerCnxnFactory.LOG.trace(Long.toHexString(nettyServerCnxn.sessionId) + " buf 0x" + ChannelBuffers.hexDump(channelBuffer));
            }
            if (nettyServerCnxn.throttled) {
                NettyServerCnxnFactory.LOG.debug("Received message while throttled");
                if (nettyServerCnxn.queuedBuffer == null) {
                    NettyServerCnxnFactory.LOG.debug("allocating queue");
                    nettyServerCnxn.queuedBuffer = ChannelBuffers.dynamicBuffer(channelBuffer.readableBytes());
                }
                nettyServerCnxn.queuedBuffer.writeBytes(channelBuffer);
                if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                    NettyServerCnxnFactory.LOG.trace(Long.toHexString(nettyServerCnxn.sessionId) + " queuedBuffer 0x" + ChannelBuffers.hexDump(nettyServerCnxn.queuedBuffer));
                    return;
                }
                return;
            }
            NettyServerCnxnFactory.LOG.debug("not throttled");
            if (nettyServerCnxn.queuedBuffer != null) {
                if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                    NettyServerCnxnFactory.LOG.trace(Long.toHexString(nettyServerCnxn.sessionId) + " queuedBuffer 0x" + ChannelBuffers.hexDump(nettyServerCnxn.queuedBuffer));
                }
                nettyServerCnxn.queuedBuffer.writeBytes(channelBuffer);
                if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                    NettyServerCnxnFactory.LOG.trace(Long.toHexString(nettyServerCnxn.sessionId) + " queuedBuffer 0x" + ChannelBuffers.hexDump(nettyServerCnxn.queuedBuffer));
                }
                nettyServerCnxn.receiveMessage(nettyServerCnxn.queuedBuffer);
                if (nettyServerCnxn.queuedBuffer.readable()) {
                    NettyServerCnxnFactory.LOG.debug("Processed queue - bytes remaining");
                    return;
                } else {
                    NettyServerCnxnFactory.LOG.debug("Processed queue - no bytes remaining");
                    nettyServerCnxn.queuedBuffer = null;
                    return;
                }
            }
            nettyServerCnxn.receiveMessage(channelBuffer);
            if (channelBuffer.readable()) {
                if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                    NettyServerCnxnFactory.LOG.trace("Before copy " + channelBuffer);
                }
                nettyServerCnxn.queuedBuffer = ChannelBuffers.dynamicBuffer(channelBuffer.readableBytes());
                nettyServerCnxn.queuedBuffer.writeBytes(channelBuffer);
                if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                    NettyServerCnxnFactory.LOG.trace("Copy is " + nettyServerCnxn.queuedBuffer);
                    NettyServerCnxnFactory.LOG.trace(Long.toHexString(nettyServerCnxn.sessionId) + " queuedBuffer 0x" + ChannelBuffers.hexDump(nettyServerCnxn.queuedBuffer));
                }
            }
        }

        @Override // org.jboss.netty.channel.SimpleChannelHandler
        public void writeComplete(ChannelHandlerContext channelHandlerContext, WriteCompletionEvent writeCompletionEvent) throws Exception {
            if (NettyServerCnxnFactory.LOG.isTraceEnabled()) {
                NettyServerCnxnFactory.LOG.trace("write complete " + writeCompletionEvent);
            }
        }
    }

    NettyServerCnxnFactory() {
        this.bootstrap.setOption("reuseAddress", true);
        this.bootstrap.setOption("child.tcpNoDelay", true);
        this.bootstrap.setOption("child.soLinger", -1);
        this.bootstrap.setPipelineFactory(new ChannelPipelineFactory() { // from class: org.apache.zookeeper.server.NettyServerCnxnFactory.1
            @Override // org.jboss.netty.channel.ChannelPipelineFactory
            public ChannelPipeline getPipeline() throws Exception {
                ChannelPipeline pipeline = Channels.pipeline();
                if (NettyServerCnxnFactory.this.secure) {
                    NettyServerCnxnFactory.this.initSSL(pipeline);
                }
                pipeline.addLast("servercnxnfactory", NettyServerCnxnFactory.this.channelHandler);
                return pipeline;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void initSSL(ChannelPipeline channelPipeline) throws X509Exception, KeyManagementException, NoSuchAlgorithmException {
        SSLContext sSLContext;
        String property = System.getProperty("zookeeper.ssl.authProvider");
        if (property == null) {
            sSLContext = X509Util.createSSLContext();
        } else {
            sSLContext = SSLContext.getInstance("TLSv1");
            X509AuthenticationProvider x509AuthenticationProvider = (X509AuthenticationProvider) ProviderRegistry.getProvider(System.getProperty("zookeeper.ssl.authProvider", "x509"));
            if (x509AuthenticationProvider == null) {
                LOG.error("Auth provider not found: {}", property);
                throw new X509Exception.SSLContextException("Could not create SSLContext with specified auth provider: " + property);
            }
            sSLContext.init(new X509KeyManager[]{x509AuthenticationProvider.getKeyManager()}, new X509TrustManager[]{x509AuthenticationProvider.getTrustManager()}, null);
        }
        SSLEngine createSSLEngine = sSLContext.createSSLEngine();
        createSSLEngine.setUseClientMode(false);
        createSSLEngine.setNeedClientAuth(true);
        channelPipeline.addLast("ssl", new SslHandler(createSSLEngine));
        LOG.info("SSL handler added for channel: {}", channelPipeline.getChannel());
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void closeAll() {
        if (LOG.isDebugEnabled()) {
            LOG.debug("closeAll()");
        }
        int size = this.cnxns.size();
        for (ServerCnxn serverCnxn : this.cnxns) {
            try {
                serverCnxn.close();
            } catch (Exception e) {
                LOG.warn("Ignoring exception closing cnxn sessionid 0x" + Long.toHexString(serverCnxn.getSessionId()), e);
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("allChannels size:" + this.allChannels.size() + " cnxns size:" + size);
        }
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public boolean closeSession(long j) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("closeSession sessionid:0x" + j);
        }
        for (ServerCnxn serverCnxn : this.cnxns) {
            if (serverCnxn.getSessionId() == j) {
                try {
                    serverCnxn.close();
                    return true;
                } catch (Exception e) {
                    LOG.warn("exception during session close", e);
                    return true;
                }
            }
        }
        return false;
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void configure(InetSocketAddress inetSocketAddress, int i, boolean z) throws IOException {
        configureSaslLogin();
        this.localAddress = inetSocketAddress;
        this.maxClientCnxns = i;
        this.secure = z;
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public int getMaxClientCnxnsPerHost() {
        return this.maxClientCnxns;
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void setMaxClientCnxnsPerHost(int i) {
        this.maxClientCnxns = i;
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public int getLocalPort() {
        return this.localAddress.getPort();
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void join() throws InterruptedException {
        synchronized (this) {
            while (!this.killed) {
                wait();
            }
        }
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void shutdown() {
        LOG.info("shutdown called " + this.localAddress);
        if (this.login != null) {
            this.login.shutdown();
        }
        if (this.parentChannel != null) {
            this.parentChannel.close().awaitUninterruptibly();
            closeAll();
            this.allChannels.close().awaitUninterruptibly();
            this.bootstrap.releaseExternalResources();
        }
        if (this.zkServer != null) {
            this.zkServer.shutdown();
        }
        synchronized (this) {
            this.killed = true;
            notifyAll();
        }
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void start() {
        LOG.info("binding to port " + this.localAddress);
        this.parentChannel = this.bootstrap.bind(this.localAddress);
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void reconfigure(InetSocketAddress inetSocketAddress) {
        Channel channel = this.parentChannel;
        try {
            try {
                LOG.info("binding to port {}", inetSocketAddress);
                this.parentChannel = this.bootstrap.bind(inetSocketAddress);
                this.localAddress = inetSocketAddress;
                channel.close();
            } catch (Exception e) {
                LOG.error("Error while reconfiguring", e);
                channel.close();
            }
        } catch (Throwable th) {
            channel.close();
            throw th;
        }
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void startup(ZooKeeperServer zooKeeperServer, boolean z) throws IOException, InterruptedException {
        start();
        setZooKeeperServer(zooKeeperServer);
        if (z) {
            zooKeeperServer.startdata();
            zooKeeperServer.startup();
        }
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public Iterable<ServerCnxn> getConnections() {
        return this.cnxns;
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public InetSocketAddress getLocalAddress() {
        return this.localAddress;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addCnxn(NettyServerCnxn nettyServerCnxn) {
        this.cnxns.add(nettyServerCnxn);
        synchronized (this.ipMap) {
            InetAddress address = ((InetSocketAddress) nettyServerCnxn.channel.getRemoteAddress()).getAddress();
            Set<NettyServerCnxn> set = this.ipMap.get(address);
            if (set == null) {
                set = new HashSet();
            }
            set.add(nettyServerCnxn);
            this.ipMap.put(address, set);
        }
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public void resetAllConnectionStats() {
        Iterator<ServerCnxn> it = this.cnxns.iterator();
        while (it.hasNext()) {
            it.next().resetStats();
        }
    }

    @Override // org.apache.zookeeper.server.ServerCnxnFactory
    public Iterable<Map<String, Object>> getAllConnectionInfo(boolean z) {
        HashSet hashSet = new HashSet();
        Iterator<ServerCnxn> it = this.cnxns.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getConnectionInfo(z));
        }
        return hashSet;
    }
}
