package org.voltdb.client;

import com.google_voltpatches.common.annotations.VisibleForTesting;
import com.google_voltpatches.common.base.Function;
import com.google_voltpatches.common.base.Optional;
import com.google_voltpatches.common.base.Predicates;
import com.google_voltpatches.common.collect.FluentIterable;
import java.io.EOFException;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.channels.AsynchronousCloseException;
import java.nio.channels.SocketChannel;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicLong;
import javax.net.ssl.SSLEngine;
import javax.security.auth.Subject;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.MessageProp;
import org.ietf.jgss.Oid;
import org.voltcore.network.ReverseDNSCache;
import org.voltcore.network.util.ssl.MessagingChannel;
import org.voltdb.ClientResponseImpl;
import org.voltdb.common.Constants;
import org.voltdb.utils.SerializationHelper;

/* loaded from: input_file:org/voltdb/client/ConnectionUtil.class */
public class ConnectionUtil {
    private static final TF m_tf;
    private static final HashMap<SocketChannel, ExecutorPair> m_executors;
    private static final AtomicLong m_handle;
    private static final GSSManager m_gssManager;
    private static final Function<Principal, DelegatePrincipal> narrowPrincipal;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    /* loaded from: input_file:org/voltdb/client/ConnectionUtil$DelayedExecutionThread.class */
    public static final class DelayedExecutionThread extends Thread {
        private final long m_runAtNanos;
        private final Runnable m_runnable;
        private volatile State m_state;

        /* loaded from: input_file:org/voltdb/client/ConnectionUtil$DelayedExecutionThread$State.class */
        public enum State {
            NOT_STARTED,
            WAITING,
            RUNNING,
            COMPLETED(true),
            CANCELED(true);

            public final boolean m_done;

            State() {
                this(false);
            }

            State(boolean z) {
                this.m_done = z;
            }
        }

        public DelayedExecutionThread(long j, TimeUnit timeUnit, Runnable runnable) {
            super(null, null, "Delayed Execution Thread " + timeUnit.toMillis(j) + "ms", 262144L);
            this.m_state = State.NOT_STARTED;
            this.m_runAtNanos = timeUnit.toNanos(j) + System.nanoTime();
            this.m_runnable = runnable;
            setDaemon(true);
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public synchronized void run() {
            if (this.m_state == State.CANCELED) {
                return;
            }
            if (this.m_state != State.NOT_STARTED) {
                throw new IllegalStateException("Not in state " + State.NOT_STARTED + ": " + this.m_state);
            }
            setState(State.WAITING);
            while (this.m_state == State.WAITING) {
                long nanoTime = System.nanoTime();
                if (nanoTime > this.m_runAtNanos) {
                    break;
                } else {
                    try {
                        wait(Math.max(1L, TimeUnit.NANOSECONDS.toMillis(nanoTime - this.m_runAtNanos)));
                    } catch (InterruptedException e) {
                    }
                }
            }
            if (this.m_state.m_done) {
                return;
            }
            setState(State.RUNNING);
            if (this.m_runnable != null) {
                this.m_runnable.run();
            }
            setState(State.COMPLETED);
        }

        public synchronized boolean cancel() {
            if (!this.m_state.m_done) {
                setState(State.CANCELED);
            }
            return this.m_state == State.CANCELED;
        }

        public synchronized State waitUntilDone() throws InterruptedException {
            while (!this.m_state.m_done) {
                wait();
            }
            return this.m_state;
        }

        public State state() {
            return this.m_state;
        }

        private void setState(State state) {
            this.m_state = state;
            if (state.m_done) {
                notifyAll();
            }
        }
    }

    /* loaded from: input_file:org/voltdb/client/ConnectionUtil$ExecutorPair.class */
    public static class ExecutorPair {
        public final ExecutorService m_writeExecutor = Executors.newSingleThreadExecutor(ConnectionUtil.m_tf);
        public final ExecutorService m_readExecutor = Executors.newSingleThreadExecutor(ConnectionUtil.m_tf);

        /* JADX INFO: Access modifiers changed from: private */
        public void shutdown() throws InterruptedException {
            this.m_readExecutor.shutdownNow();
            this.m_writeExecutor.shutdownNow();
            this.m_readExecutor.awaitTermination(1L, TimeUnit.DAYS);
            this.m_writeExecutor.awaitTermination(1L, TimeUnit.DAYS);
        }
    }

    /* loaded from: input_file:org/voltdb/client/ConnectionUtil$TF.class */
    private static class TF implements ThreadFactory {
        private TF() {
        }

        @Override // java.util.concurrent.ThreadFactory
        public Thread newThread(Runnable runnable) {
            return new Thread(null, runnable, "Yet another thread", 65536L);
        }
    }

    public static byte[] getHashedPassword(String str) {
        return getHashedPassword(ClientAuthScheme.HASH_SHA256, str);
    }

    public static byte[] getHashedPassword(ClientAuthScheme clientAuthScheme, String str) {
        if (str == null) {
            return null;
        }
        MessageDigest messageDigest = null;
        try {
            messageDigest = MessageDigest.getInstance(ClientAuthScheme.getDigestScheme(clientAuthScheme));
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            System.exit(-1);
        }
        return messageDigest.digest(str.getBytes(Constants.UTF8ENCODING));
    }

    public static Object[] getAuthenticatedConnection(String str, String str2, byte[] bArr, int i, Subject subject, ClientAuthScheme clientAuthScheme, long j) throws IOException {
        return getAuthenticatedConnectionImpl(subject == null ? "database" : "kerberos", new InetSocketAddress(str, i), str2, bArr, subject, clientAuthScheme, null, j);
    }

    public static Object[] getAuthenticatedConnection(String str, String str2, byte[] bArr, int i, Subject subject, ClientAuthScheme clientAuthScheme, SSLEngine sSLEngine, long j) throws IOException {
        return getAuthenticatedConnectionImpl(subject == null ? "database" : "kerberos", new InetSocketAddress(str, i), str2, bArr, subject, clientAuthScheme, sSLEngine, j);
    }

    public static final Optional<DelegatePrincipal> getDelegate(Subject subject) {
        return subject == null ? Optional.absent() : FluentIterable.from(subject.getPrincipals()).filter(Predicates.instanceOf(DelegatePrincipal.class)).transform(narrowPrincipal).first();
    }

    private static Object[] getAuthenticatedConnectionImpl(String str, InetSocketAddress inetSocketAddress, String str2, byte[] bArr, Subject subject, ClientAuthScheme clientAuthScheme, SSLEngine sSLEngine, long j) throws IOException {
        DelayedExecutionThread delayedExecutionThread;
        long[] jArr;
        MessagingChannel messagingChannel;
        ByteBuffer allocate;
        Object[] objArr = new Object[3];
        if (inetSocketAddress.isUnresolved()) {
            throw new UnknownHostException(inetSocketAddress.getHostName());
        }
        final SocketChannel open = SocketChannel.open(inetSocketAddress);
        objArr[0] = open;
        if (!$assertionsDisabled && !open.isConnected()) {
            throw new AssertionError();
        }
        if (!open.isConnected()) {
            throw new IOException("Failed to open host " + ReverseDNSCache.hostnameOrAddress(inetSocketAddress.getAddress()));
        }
        if (j > 0) {
            delayedExecutionThread = new DelayedExecutionThread(j, TimeUnit.MILLISECONDS, new Runnable() { // from class: org.voltdb.client.ConnectionUtil.2
                @Override // java.lang.Runnable
                public void run() {
                    try {
                        open.close();
                    } catch (IOException e) {
                    }
                }
            });
            delayedExecutionThread.start();
        } else {
            delayedExecutionThread = null;
        }
        MessagingChannel messagingChannel2 = null;
        try {
            synchronized (open.blockingLock()) {
                open.configureBlocking(false);
                open.socket().setTcpNoDelay(true);
            }
            if (sSLEngine != null) {
                try {
                    if (!new TLSHandshaker(open, sSLEngine).handshake()) {
                        open.close();
                        throw new IOException("TLS/SSL handshake failed");
                    }
                } catch (IOException e) {
                    open.close();
                    throw new IOException("TLS/SSL handshake failed", e);
                }
            }
            jArr = new long[4];
            objArr[1] = jArr;
            messagingChannel = MessagingChannel.get(open, sSLEngine);
            synchronized (open.blockingLock()) {
                open.configureBlocking(true);
                open.socket().setTcpNoDelay(true);
            }
            byte[] bytes = str == null ? null : str.getBytes(Constants.UTF8ENCODING);
            byte[] bytes2 = str2 == null ? null : str2.getBytes(Constants.UTF8ENCODING);
            int length = 4 + 2 + (bytes == null ? 4 : 4 + bytes.length) + (bytes2 == null ? 4 : 4 + bytes2.length) + bArr.length;
            allocate = ByteBuffer.allocate(length);
            allocate.putInt(length - 4);
            allocate.put((byte) 1);
            allocate.put((byte) clientAuthScheme.getValue());
            SerializationHelper.writeVarbinary(bytes, allocate);
            SerializationHelper.writeVarbinary(bytes2, allocate);
            allocate.put(bArr);
            allocate.flip();
            try {
                messagingChannel.writeMessage(allocate);
            } catch (IOException e2) {
                throw new IOException("Failed to write authentication message to server.", e2);
            }
        } catch (AsynchronousCloseException e3) {
            if (0 != 0) {
                messagingChannel2.cleanUp();
            }
            if (delayedExecutionThread != null && !delayedExecutionThread.cancel()) {
                throw new IOException("Authentication timed out");
            }
            if (0 == 0) {
                open.close();
            }
        } catch (Throwable th) {
            if (0 != 0) {
                messagingChannel2.cleanUp();
            }
            if (delayedExecutionThread != null && !delayedExecutionThread.cancel()) {
                throw new IOException("Authentication timed out");
            }
            if (0 == 0) {
                open.close();
            }
            throw th;
        }
        if (allocate.hasRemaining()) {
            throw new IOException("Failed to write authentication message to server.");
        }
        try {
            ByteBuffer readMessage = messagingChannel.readMessage();
            byte b = readMessage.get();
            byte b2 = readMessage.get();
            if (b == 2) {
                if (subject == null) {
                    open.close();
                    throw new IOException("Server requires an authenticated JAAS principal");
                }
                if (b2 != 4) {
                    open.close();
                    throw new IOException("Wire protocol format violation error");
                }
                readMessage = performAuthenticationHandShake(messagingChannel, subject, SerializationHelper.getString(readMessage));
                b2 = readMessage.get();
            }
            if (b2 != 0) {
                open.close();
                switch (b2) {
                    case 1:
                        throw new IOException("Server has too many connections");
                    case 2:
                        throw new IOException("Connection timed out during authentication. The database server may be overloaded.");
                    case 3:
                        throw new IOException("Wire protocol format violation error");
                    case 4:
                        throw new IOException("Failed to authenticate to rejoining node");
                    case 5:
                        throw new IOException("Export not enabled for server");
                    default:
                        throw new IOException("Authentication rejected");
                }
            }
            jArr[0] = readMessage.getInt();
            jArr[1] = readMessage.getLong();
            jArr[2] = readMessage.getLong();
            jArr[3] = readMessage.getInt();
            byte[] bArr2 = new byte[readMessage.getInt()];
            readMessage.get(bArr2);
            objArr[2] = new String(bArr2, Constants.UTF8ENCODING);
            synchronized (open.blockingLock()) {
                open.configureBlocking(false);
                open.socket().setKeepAlive(true);
            }
            if (messagingChannel != null) {
                messagingChannel.cleanUp();
            }
            if (delayedExecutionThread != null && !delayedExecutionThread.cancel()) {
                throw new IOException("Authentication timed out");
            }
            if (1 == 0) {
                open.close();
            }
            return objArr;
        } catch (IOException e4) {
            throw new IOException("Authentication rejected", e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void establishSecurityContext(MessagingChannel messagingChannel, GSSContext gSSContext, Optional<DelegatePrincipal> optional) throws IOException, GSSException {
        ByteBuffer allocate = ByteBuffer.allocate(DelegatePrincipal.MAX_DELEGATE_NAME_SIZE);
        ByteBuffer byteBuffer = allocate;
        allocate.limit(0);
        while (!gSSContext.isEstablished()) {
            byte[] initSecContext = gSSContext.initSecContext(byteBuffer.array(), byteBuffer.arrayOffset() + byteBuffer.position(), byteBuffer.remaining());
            if (initSecContext != null) {
                int length = 6 + initSecContext.length;
                allocate.clear().limit(length);
                allocate.putInt(length - 4).put((byte) 2).put((byte) 5);
                allocate.put(initSecContext).flip();
                messagingChannel.writeMessage(allocate);
            }
            if (gSSContext.isEstablished()) {
                break;
            }
            byteBuffer = messagingChannel.readMessage();
            byte b = byteBuffer.get();
            if (b != 2) {
                throw new IOException("Encountered unexpected authentication protocol version " + ((int) b));
            }
            byte b2 = byteBuffer.get();
            if (b2 != 5) {
                throw new IOException("Encountered unexpected authentication protocol tag " + ((int) b2));
            }
        }
        if (!gSSContext.getMutualAuthState()) {
            throw new IOException("Authentication Handshake Failed");
        }
        if (optional.isPresent() && !gSSContext.getConfState()) {
            throw new IOException("Cannot transmit delegate user name securely");
        }
        if (optional.isPresent()) {
            MessageProp messageProp = new MessageProp(0, true);
            allocate.clear().limit(optional.get().wrappedSize());
            optional.get().wrap(allocate);
            allocate.flip();
            byte[] wrap = gSSContext.wrap(allocate.array(), allocate.arrayOffset() + allocate.position(), allocate.remaining(), messageProp);
            int length2 = 6 + wrap.length;
            allocate.clear().limit(length2);
            allocate.putInt(length2 - 4).put((byte) 2).put((byte) 5);
            allocate.put(wrap).flip();
            while (allocate.hasRemaining()) {
                messagingChannel.writeMessage(allocate);
            }
        }
    }

    private static final ByteBuffer performAuthenticationHandShake(final MessagingChannel messagingChannel, Subject subject, final String str) throws IOException {
        try {
            String name = subject.getPrincipals().iterator().next().getName();
            final Optional<DelegatePrincipal> delegate = getDelegate(subject);
            if (delegate.isPresent() && !name.equals(str)) {
                throw new IOException("Delegate authentication is not allowed for user " + delegate.get().getName());
            }
            Subject.doAs(subject, new PrivilegedAction<GSSContext>() { // from class: org.voltdb.client.ConnectionUtil.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedAction
                public GSSContext run() {
                    GSSContext gSSContext = null;
                    try {
                        try {
                            GSSContext createContext = ConnectionUtil.m_gssManager.createContext(ConnectionUtil.m_gssManager.createName(str, new Oid("1.2.840.113554.1.2.2.1")), new Oid("1.2.840.113554.1.2.2"), (GSSCredential) null, Integer.MAX_VALUE);
                            createContext.requestMutualAuth(true);
                            createContext.requestConf(true);
                            createContext.requestInteg(true);
                            ConnectionUtil.establishSecurityContext(messagingChannel, createContext, delegate);
                            createContext.dispose();
                            gSSContext = null;
                            if (0 == 0) {
                                return null;
                            }
                            try {
                                gSSContext.dispose();
                                return null;
                            } catch (Exception e) {
                                return null;
                            }
                        } catch (GSSException e2) {
                            throw new RuntimeException((Throwable) e2);
                        } catch (IOException e3) {
                            throw new RuntimeException(e3);
                        }
                    } catch (Throwable th) {
                        if (gSSContext != null) {
                            try {
                                gSSContext.dispose();
                            } catch (Exception e4) {
                            }
                        }
                        throw th;
                    }
                }
            });
            ByteBuffer readMessage = messagingChannel.readMessage();
            byte b = readMessage.get();
            if (b != 0) {
                throw new IOException("Encountered unexpected version for the login response message: " + ((int) b));
            }
            return readMessage;
        } catch (SecurityException e) {
            Throwable cause = e.getCause();
            if (cause != null && (cause instanceof RuntimeException) && cause.getCause() != null) {
                cause = cause.getCause();
            } else if (cause == null) {
                cause = e;
            }
            if (cause instanceof IOException) {
                throw ((IOException) IOException.class.cast(cause));
            }
            throw new IOException("Authentication Handshake Failed", cause);
        }
    }

    public static void closeConnection(SocketChannel socketChannel) throws InterruptedException, IOException {
        synchronized (m_executors) {
            ExecutorPair remove = m_executors.remove(socketChannel);
            if (!$assertionsDisabled && remove == null) {
                throw new AssertionError();
            }
            remove.shutdown();
        }
        socketChannel.close();
    }

    private static ExecutorPair getExecutorPair(SocketChannel socketChannel) {
        ExecutorPair executorPair;
        synchronized (m_executors) {
            ExecutorPair executorPair2 = m_executors.get(socketChannel);
            if (executorPair2 == null) {
                executorPair2 = new ExecutorPair();
                m_executors.put(socketChannel, executorPair2);
            }
            executorPair = executorPair2;
        }
        return executorPair;
    }

    public static Future<Long> sendInvocation(SocketChannel socketChannel, String str, Object... objArr) {
        return sendInvocation(getExecutorPair(socketChannel).m_writeExecutor, socketChannel, str, objArr);
    }

    public static Future<Long> sendInvocation(ExecutorService executorService, final SocketChannel socketChannel, final String str, final Object... objArr) {
        return executorService.submit(new Callable<Long>() { // from class: org.voltdb.client.ConnectionUtil.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public Long call() throws Exception {
                long andIncrement = ConnectionUtil.m_handle.getAndIncrement();
                ProcedureInvocation procedureInvocation = new ProcedureInvocation(andIncrement, str, objArr);
                ByteBuffer allocate = ByteBuffer.allocate(4 + procedureInvocation.getSerializedSize());
                allocate.position(4);
                procedureInvocation.flattenToBuffer(allocate);
                allocate.putInt(0, allocate.capacity() - 4);
                allocate.flip();
                do {
                    socketChannel.write(allocate);
                    if (allocate.hasRemaining()) {
                        Thread.yield();
                    }
                } while (allocate.hasRemaining());
                return Long.valueOf(andIncrement);
            }
        });
    }

    public static Future<ClientResponse> readResponse(SocketChannel socketChannel) {
        return readResponse(getExecutorPair(socketChannel).m_readExecutor, socketChannel);
    }

    public static Future<ClientResponse> readResponse(ExecutorService executorService, final SocketChannel socketChannel) {
        return executorService.submit(new Callable<ClientResponse>() { // from class: org.voltdb.client.ConnectionUtil.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public ClientResponse call() throws Exception {
                ByteBuffer allocate = ByteBuffer.allocate(4);
                while (socketChannel.read(allocate) != -1) {
                    if (allocate.hasRemaining()) {
                        Thread.yield();
                    }
                    if (!allocate.hasRemaining()) {
                        allocate.flip();
                        ByteBuffer allocate2 = ByteBuffer.allocate(allocate.getInt());
                        while (socketChannel.read(allocate2) != -1) {
                            if (allocate.hasRemaining()) {
                                Thread.yield();
                            }
                            if (!allocate2.hasRemaining()) {
                                allocate2.flip();
                                ClientResponseImpl clientResponseImpl = new ClientResponseImpl();
                                clientResponseImpl.initFromBuffer(allocate2);
                                return clientResponseImpl;
                            }
                        }
                        throw new EOFException();
                    }
                }
                throw new EOFException();
            }
        });
    }

    static {
        $assertionsDisabled = !ConnectionUtil.class.desiredAssertionStatus();
        m_tf = new TF();
        m_executors = new HashMap<>();
        m_handle = new AtomicLong(Long.MIN_VALUE);
        m_gssManager = GSSManager.getInstance();
        narrowPrincipal = new Function<Principal, DelegatePrincipal>() { // from class: org.voltdb.client.ConnectionUtil.1
            @Override // com.google_voltpatches.common.base.Function
            public DelegatePrincipal apply(Principal principal) {
                return (DelegatePrincipal) DelegatePrincipal.class.cast(principal);
            }
        };
    }
}
