package io.pravega.segmentstore.server.host.handler;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import io.netty.bootstrap.ServerBootstrap;
import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelOption;
import io.netty.channel.ChannelPipeline;
import io.netty.channel.EventLoopGroup;
import io.netty.channel.epoll.EpollEventLoopGroup;
import io.netty.channel.epoll.EpollServerSocketChannel;
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.SocketChannel;
import io.netty.channel.socket.nio.NioServerSocketChannel;
import io.netty.handler.codec.LengthFieldBasedFrameDecoder;
import io.netty.handler.logging.LogLevel;
import io.netty.handler.logging.LoggingHandler;
import io.netty.handler.ssl.SslContext;
import io.netty.util.internal.logging.InternalLoggerFactory;
import io.netty.util.internal.logging.Slf4JLoggerFactory;
import io.pravega.common.Exceptions;
import io.pravega.common.io.filesystem.FileModificationEventWatcher;
import io.pravega.common.io.filesystem.FileModificationMonitor;
import io.pravega.common.io.filesystem.FileModificationPollingMonitor;
import io.pravega.segmentstore.contracts.StreamSegmentStore;
import io.pravega.segmentstore.contracts.tables.TableStore;
import io.pravega.segmentstore.server.host.delegationtoken.DelegationTokenVerifier;
import io.pravega.segmentstore.server.host.delegationtoken.PassingTokenVerifier;
import io.pravega.segmentstore.server.host.security.TLSConfigChangeEventConsumer;
import io.pravega.segmentstore.server.host.security.TLSConfigChangeFileConsumer;
import io.pravega.segmentstore.server.host.security.TLSHelper;
import io.pravega.segmentstore.server.host.stat.SegmentStatsRecorder;
import io.pravega.segmentstore.server.host.stat.TableSegmentStatsRecorder;
import io.pravega.shared.metrics.MetricNotifier;
import io.pravega.shared.protocol.netty.AppendDecoder;
import io.pravega.shared.protocol.netty.CommandDecoder;
import io.pravega.shared.protocol.netty.CommandEncoder;
import io.pravega.shared.protocol.netty.ExceptionLoggingHandler;
import java.io.FileNotFoundException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Function;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/pravega/segmentstore/server/host/handler/PravegaConnectionListener.class */
public final class PravegaConnectionListener implements AutoCloseable {

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    private static final Logger log = LoggerFactory.getLogger(PravegaConnectionListener.class);
    private final String host;
    private final int port;
    private final StreamSegmentStore store;
    private final TableStore tableStore;
    private final DelegationTokenVerifier tokenVerifier;
    private final ConnectionTracker connectionTracker;
    private Channel serverChannel;
    private EventLoopGroup bossGroup;
    private EventLoopGroup workerGroup;
    private final SegmentStatsRecorder statsRecorder;
    private final TableSegmentStatsRecorder tableStatsRecorder;
    private final boolean replyWithStackTraceOnError;
    private final boolean enableTls;

    @VisibleForTesting
    private final boolean enableTlsReload;
    private final String pathToTlsCertFile;
    private final String pathToTlsKeyFile;
    private FileModificationMonitor tlsCertFileModificationMonitor;
    private final ScheduledExecutorService tokenExpiryHandlerExecutor;

    @VisibleForTesting
    public PravegaConnectionListener(boolean z, int i, StreamSegmentStore streamSegmentStore, TableStore tableStore, ScheduledExecutorService scheduledExecutorService) {
        this(z, false, "localhost", i, streamSegmentStore, tableStore, SegmentStatsRecorder.noOp(), TableSegmentStatsRecorder.noOp(), new PassingTokenVerifier(), null, null, true, scheduledExecutorService);
    }

    public PravegaConnectionListener(boolean z, boolean z2, String str, int i, StreamSegmentStore streamSegmentStore, TableStore tableStore, SegmentStatsRecorder segmentStatsRecorder, TableSegmentStatsRecorder tableSegmentStatsRecorder, DelegationTokenVerifier delegationTokenVerifier, String str2, String str3, boolean z3, ScheduledExecutorService scheduledExecutorService) {
        this.enableTls = z;
        if (this.enableTls) {
            this.enableTlsReload = z2;
        } else {
            this.enableTlsReload = false;
        }
        this.host = Exceptions.checkNotNullOrEmpty(str, "host");
        this.port = i;
        this.store = (StreamSegmentStore) Preconditions.checkNotNull(streamSegmentStore, "streamSegmentStore");
        this.tableStore = (TableStore) Preconditions.checkNotNull(tableStore, "tableStore");
        this.statsRecorder = (SegmentStatsRecorder) Preconditions.checkNotNull(segmentStatsRecorder, "statsRecorder");
        this.tableStatsRecorder = (TableSegmentStatsRecorder) Preconditions.checkNotNull(tableSegmentStatsRecorder, "tableStatsRecorder");
        this.pathToTlsCertFile = str2;
        this.pathToTlsKeyFile = str3;
        InternalLoggerFactory.setDefaultFactory(Slf4JLoggerFactory.INSTANCE);
        if (delegationTokenVerifier != null) {
            this.tokenVerifier = delegationTokenVerifier;
        } else {
            this.tokenVerifier = new PassingTokenVerifier();
        }
        this.replyWithStackTraceOnError = z3;
        this.connectionTracker = new ConnectionTracker();
        this.tokenExpiryHandlerExecutor = scheduledExecutorService;
    }

    public void startListening() {
        AtomicReference<SslContext> atomicReference = this.enableTls ? new AtomicReference<>(TLSHelper.newServerSslContext(this.pathToTlsCertFile, this.pathToTlsKeyFile)) : null;
        boolean z = false;
        try {
            this.bossGroup = new EpollEventLoopGroup(1);
            this.workerGroup = new EpollEventLoopGroup();
        } catch (ExceptionInInitializerError | NoClassDefFoundError | UnsatisfiedLinkError e) {
            z = true;
            this.bossGroup = new NioEventLoopGroup(1);
            this.workerGroup = new NioEventLoopGroup();
        }
        ServerBootstrap serverBootstrap = new ServerBootstrap();
        final AtomicReference<SslContext> atomicReference2 = atomicReference;
        serverBootstrap.group(this.bossGroup, this.workerGroup).channel(z ? NioServerSocketChannel.class : EpollServerSocketChannel.class).option(ChannelOption.SO_BACKLOG, 100).handler(new LoggingHandler(LogLevel.INFO)).childHandler(new ChannelInitializer<SocketChannel>() { // from class: io.pravega.segmentstore.server.host.handler.PravegaConnectionListener.1
            public void initChannel(SocketChannel socketChannel) {
                ChannelPipeline pipeline = socketChannel.pipeline();
                if (PravegaConnectionListener.this.enableTls) {
                    pipeline.addLast(TLSHelper.TLS_HANDLER_NAME, ((SslContext) atomicReference2.get()).newHandler(socketChannel.alloc()));
                }
                ChannelHandler serverConnectionInboundHandler = new ServerConnectionInboundHandler();
                pipeline.addLast(new ChannelHandler[]{new ExceptionLoggingHandler(socketChannel.remoteAddress().toString()), new CommandEncoder((Function) null, MetricNotifier.NO_OP_METRIC_NOTIFIER), new LengthFieldBasedFrameDecoder(16777215, 4, 4), new CommandDecoder(), new AppendDecoder(), serverConnectionInboundHandler});
                serverConnectionInboundHandler.setRequestProcessor(new AppendProcessor(PravegaConnectionListener.this.store, serverConnectionInboundHandler, PravegaConnectionListener.this.connectionTracker, new PravegaRequestProcessor(PravegaConnectionListener.this.store, PravegaConnectionListener.this.tableStore, serverConnectionInboundHandler, PravegaConnectionListener.this.statsRecorder, PravegaConnectionListener.this.tableStatsRecorder, PravegaConnectionListener.this.tokenVerifier, PravegaConnectionListener.this.replyWithStackTraceOnError), PravegaConnectionListener.this.statsRecorder, PravegaConnectionListener.this.tokenVerifier, PravegaConnectionListener.this.replyWithStackTraceOnError, PravegaConnectionListener.this.tokenExpiryHandlerExecutor));
            }
        });
        if (this.enableTls && this.enableTlsReload) {
            enableTlsContextReload(atomicReference);
        }
        this.serverChannel = serverBootstrap.bind(this.host, this.port).awaitUninterruptibly().channel();
    }

    @VisibleForTesting
    void enableTlsContextReload(AtomicReference<SslContext> atomicReference) {
        this.tlsCertFileModificationMonitor = prepareCertificateMonitor(this.pathToTlsCertFile, this.pathToTlsKeyFile, atomicReference);
        this.tlsCertFileModificationMonitor.startMonitoring();
        log.info("Successfully started file modification monitoring for TLS certificate: [{}]", this.pathToTlsCertFile);
    }

    @VisibleForTesting
    FileModificationMonitor prepareCertificateMonitor(String str, String str2, AtomicReference<SslContext> atomicReference) {
        return prepareCertificateMonitor(Files.isSymbolicLink(Paths.get(str, new String[0])), str, str2, atomicReference);
    }

    @VisibleForTesting
    FileModificationMonitor prepareCertificateMonitor(boolean z, String str, String str2, AtomicReference<SslContext> atomicReference) {
        FileModificationPollingMonitor fileModificationEventWatcher;
        try {
            if (z) {
                log.info("The path to certificate file [{}] was found to be a symbolic link,  so using [{}] to monitor for certificate changes", str, FileModificationPollingMonitor.class.getSimpleName());
                fileModificationEventWatcher = new FileModificationPollingMonitor(Paths.get(str, new String[0]), new TLSConfigChangeFileConsumer(atomicReference, str, str2));
            } else {
                fileModificationEventWatcher = new FileModificationEventWatcher(Paths.get(str, new String[0]), new TLSConfigChangeEventConsumer(atomicReference, str, str2));
            }
            return fileModificationEventWatcher;
        } catch (FileNotFoundException e) {
            log.error("Failed to prepare a monitor for the certificate at path [{}]", str, e);
            throw new RuntimeException(e);
        }
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        Exceptions.handleInterrupted(() -> {
            if (this.serverChannel != null) {
                this.serverChannel.close();
                this.serverChannel.closeFuture().sync();
            }
        });
        if (this.bossGroup != null) {
            this.bossGroup.shutdownGracefully();
        }
        if (this.workerGroup != null) {
            this.workerGroup.shutdownGracefully();
        }
        if (this.tlsCertFileModificationMonitor != null) {
            this.tlsCertFileModificationMonitor.stopMonitoring();
        }
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public boolean isEnableTlsReload() {
        return this.enableTlsReload;
    }
}
