package com.yahoo.vespa.zookeeper;

import com.yahoo.cloud.config.ZookeeperServerConfig;
import com.yahoo.security.tls.MixedMode;
import com.yahoo.security.tls.TlsContext;
import com.yahoo.security.tls.TransportSecurityUtils;
import com.yahoo.stream.CustomCollectors;
import com.yahoo.vespa.defaults.Defaults;
import com.yahoo.vespa.zookeeper.tls.VespaZookeeperTlsContextUtils;
import java.io.FileWriter;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.stream.Collectors;

/* loaded from: input_file:com/yahoo/vespa/zookeeper/Configurator.class */
public class Configurator {
    public static volatile boolean VespaNettyServerCnxnFactory_isSecure = false;
    private static final Logger log = Logger.getLogger(Configurator.class.getName());
    private static final String ZOOKEEPER_JMX_LOG4J_DISABLE = "zookeeper.jmx.log4j.disable";
    static final String ZOOKEEPER_JUTE_MAX_BUFFER = "jute.maxbuffer";
    private final ZookeeperServerConfig zookeeperServerConfig;
    private final Path configFilePath;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/yahoo/vespa/zookeeper/Configurator$TlsClientServerConfig.class */
    public static class TlsClientServerConfig implements TlsConfig {
        TlsClientServerConfig() {
        }

        public void createConfig(Map<String, String> map, VespaTlsConfig vespaTlsConfig) {
            map.put("client.portUnification", String.valueOf(enablePortUnification(vespaTlsConfig)));
            Configurator.VespaNettyServerCnxnFactory_isSecure = vespaTlsConfig.tlsEnabled() && vespaTlsConfig.mixedMode() == MixedMode.DISABLED;
            appendSharedTlsConfig(map, vespaTlsConfig);
        }

        @Override // com.yahoo.vespa.zookeeper.Configurator.TlsConfig
        public String configFieldPrefix() {
            return "ssl";
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/yahoo/vespa/zookeeper/Configurator$TlsConfig.class */
    public interface TlsConfig {
        String configFieldPrefix();

        default void appendSharedTlsConfig(Map<String, String> map, VespaTlsConfig vespaTlsConfig) {
            vespaTlsConfig.context().ifPresent(tlsContext -> {
                String str = (String) Arrays.stream(tlsContext.parameters().getCipherSuites()).sorted().collect(Collectors.joining(","));
                map.put(configFieldPrefix() + ".context.supplier.class", VespaSslContextProvider.class.getName());
                map.put(configFieldPrefix() + ".ciphersuites", str);
                map.put(configFieldPrefix() + ".enabledProtocols", (String) Arrays.stream(tlsContext.parameters().getProtocols()).sorted().collect(Collectors.joining(",")));
                map.put(configFieldPrefix() + ".clientAuth", "NEED");
            });
        }

        default boolean enablePortUnification(VespaTlsConfig vespaTlsConfig) {
            return vespaTlsConfig.tlsEnabled() && (vespaTlsConfig.mixedMode() == MixedMode.TLS_CLIENT_MIXED_SERVER || vespaTlsConfig.mixedMode() == MixedMode.PLAINTEXT_CLIENT_MIXED_SERVER);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/yahoo/vespa/zookeeper/Configurator$TlsQuorumConfig.class */
    public static class TlsQuorumConfig implements TlsConfig {
        TlsQuorumConfig() {
        }

        public void createConfig(Map<String, String> map, VespaTlsConfig vespaTlsConfig) {
            map.put("sslQuorum", String.valueOf(vespaTlsConfig.tlsEnabled()));
            map.put("portUnification", String.valueOf(enablePortUnification(vespaTlsConfig)));
            appendSharedTlsConfig(map, vespaTlsConfig);
        }

        @Override // com.yahoo.vespa.zookeeper.Configurator.TlsConfig
        public String configFieldPrefix() {
            return "ssl.quorum";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/yahoo/vespa/zookeeper/Configurator$VespaTlsConfig.class */
    public static class VespaTlsConfig {
        private final TlsContext context;
        private final MixedMode mixedMode;

        VespaTlsConfig(TlsContext tlsContext, MixedMode mixedMode) {
            this.context = tlsContext;
            this.mixedMode = mixedMode;
        }

        static VespaTlsConfig tlsDisabled() {
            return new VespaTlsConfig(null, MixedMode.defaultValue());
        }

        boolean tlsEnabled() {
            return this.context != null;
        }

        Optional<TlsContext> context() {
            return Optional.ofNullable(this.context);
        }

        MixedMode mixedMode() {
            return this.mixedMode;
        }
    }

    public Configurator(ZookeeperServerConfig zookeeperServerConfig) {
        log.log(Level.FINE, zookeeperServerConfig.toString());
        this.zookeeperServerConfig = zookeeperServerConfig;
        this.configFilePath = makeAbsolutePath(zookeeperServerConfig.zooKeeperConfigFile());
        System.setProperty(ZOOKEEPER_JMX_LOG4J_DISABLE, "true");
        System.setProperty("zookeeper.snapshot.trust.empty", String.valueOf(zookeeperServerConfig.trustEmptySnapshot()));
        System.setProperty(ZOOKEEPER_JUTE_MAX_BUFFER, Integer.valueOf(zookeeperServerConfig.juteMaxBuffer()).toString());
        System.setProperty("zookeeper.authProvider.x509", "com.yahoo.vespa.zookeeper.VespaMtlsAuthenticationProvider");
        System.setProperty("zookeeper.globalOutstandingLimit", "1000");
        System.setProperty("zookeeper.snapshot.compression.method", zookeeperServerConfig.snapshotMethod());
        System.setProperty("zookeeper.leader.closeSocketAsync", String.valueOf(zookeeperServerConfig.leaderCloseSocketAsync()));
        System.setProperty("zookeeper.learner.asyncSending", String.valueOf(zookeeperServerConfig.learnerAsyncSending()));
        System.setProperty("zookeeper.extendedTypesEnabled", "true");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void writeConfigToDisk() {
        writeConfigToDisk((VespaTlsConfig) VespaZookeeperTlsContextUtils.tlsContext().map(tlsContext -> {
            return new VespaTlsConfig(tlsContext, TransportSecurityUtils.getInsecureMixedMode());
        }).orElse(VespaTlsConfig.tlsDisabled()));
    }

    void writeConfigToDisk(VespaTlsConfig vespaTlsConfig) {
        this.configFilePath.toFile().getParentFile().mkdirs();
        try {
            writeZooKeeperConfigFile(this.zookeeperServerConfig, vespaTlsConfig);
            writeMyIdFile(this.zookeeperServerConfig);
        } catch (IOException e) {
            throw new RuntimeException("Error writing zookeeper config", e);
        }
    }

    private void writeZooKeeperConfigFile(ZookeeperServerConfig zookeeperServerConfig, VespaTlsConfig vespaTlsConfig) throws IOException {
        String str = zookeeperServerConfig.dynamicReconfiguration() ? parseConfigFile(this.configFilePath).get("dynamicConfigFile") : null;
        Map<String, String> parseConfigFile = str != null ? parseConfigFile(Paths.get(str, new String[0])) : Map.of();
        FileWriter fileWriter = new FileWriter(this.configFilePath.toFile());
        try {
            fileWriter.write(transformConfigToString(zookeeperServerConfig, vespaTlsConfig, parseConfigFile));
            fileWriter.close();
        } catch (Throwable th) {
            try {
                fileWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static String transformConfigToString(ZookeeperServerConfig zookeeperServerConfig, VespaTlsConfig vespaTlsConfig, Map<String, String> map) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("tickTime", Integer.toString(zookeeperServerConfig.tickTime()));
        linkedHashMap.put("initLimit", Integer.toString(zookeeperServerConfig.initLimit()));
        linkedHashMap.put("syncLimit", Integer.toString(zookeeperServerConfig.syncLimit()));
        linkedHashMap.put("maxClientCnxns", Integer.toString(zookeeperServerConfig.maxClientConnections()));
        linkedHashMap.put("snapCount", Integer.toString(zookeeperServerConfig.snapshotCount()));
        linkedHashMap.put("dataDir", Defaults.getDefaults().underVespaHome(zookeeperServerConfig.dataDir()));
        linkedHashMap.put("autopurge.purgeInterval", Integer.toString(zookeeperServerConfig.autopurge().purgeInterval()));
        linkedHashMap.put("autopurge.snapRetainCount", Integer.toString(zookeeperServerConfig.autopurge().snapRetainCount()));
        linkedHashMap.put("4lw.commands.whitelist", "conf,cons,crst,dirs,dump,envi,mntr,ruok,srst,srvr,stat,wchs");
        linkedHashMap.put("admin.enableServer", "false");
        linkedHashMap.put("serverCnxnFactory", "org.apache.zookeeper.server.VespaNettyServerCnxnFactory");
        linkedHashMap.put("quorumListenOnAllIPs", "true");
        linkedHashMap.put("standaloneEnabled", "false");
        linkedHashMap.put("reconfigEnabled", Boolean.toString(zookeeperServerConfig.dynamicReconfiguration()));
        linkedHashMap.put("skipACL", "yes");
        addServerSpecs(linkedHashMap, zookeeperServerConfig, map);
        new TlsQuorumConfig().createConfig(linkedHashMap, vespaTlsConfig);
        new TlsClientServerConfig().createConfig(linkedHashMap, vespaTlsConfig);
        return transformConfigToString(linkedHashMap);
    }

    static void addServerSpecs(Map<String, String> map, ZookeeperServerConfig zookeeperServerConfig, Map<String, String> map2) {
        int ensureThisServerIsRepresented = ensureThisServerIsRepresented(zookeeperServerConfig.myid(), zookeeperServerConfig.server());
        Set set = (Set) zookeeperServerConfig.server().stream().map((v0) -> {
            return v0.hostname();
        }).collect(Collectors.toSet());
        if (map2.values().stream().anyMatch(str -> {
            return !set.contains(str.split(":", 2)[0]);
        })) {
            log.log(Level.WARNING, "Existing dynamic config refers to unknown servers, ignoring it");
            map2 = Map.of();
        }
        if (map2.isEmpty()) {
            map.putAll(getServerConfig(zookeeperServerConfig.server(), zookeeperServerConfig.server(ensureThisServerIsRepresented).joining() ? zookeeperServerConfig.myid() : -1));
            return;
        }
        Map.Entry<String, String> next = getServerConfig(zookeeperServerConfig.server().subList(ensureThisServerIsRepresented, ensureThisServerIsRepresented + 1), zookeeperServerConfig.myid()).entrySet().iterator().next();
        map2.putIfAbsent(next.getKey(), next.getValue());
        map.putAll(map2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Map<String, String> getServerConfig(List<ZookeeperServerConfig.Server> list, int i) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (ZookeeperServerConfig.Server server : list) {
            linkedHashMap.put("server." + server.id(), serverSpec(server, server.id() == i));
        }
        return linkedHashMap;
    }

    static String transformConfigToString(Map<String, String> map) {
        return (String) map.entrySet().stream().map(entry -> {
            return ((String) entry.getKey()) + "=" + ((String) entry.getValue());
        }).collect(Collectors.joining("\n", "", "\n"));
    }

    private void writeMyIdFile(ZookeeperServerConfig zookeeperServerConfig) throws IOException {
        FileWriter fileWriter = new FileWriter(Defaults.getDefaults().underVespaHome(zookeeperServerConfig.myidFile()));
        try {
            fileWriter.write(zookeeperServerConfig.myid() + "\n");
            fileWriter.close();
        } catch (Throwable th) {
            try {
                fileWriter.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static int ensureThisServerIsRepresented(int i, List<ZookeeperServerConfig.Server> list) {
        for (int i2 = 0; i2 < list.size(); i2++) {
            if (i == list.get(i2).id()) {
                return i2;
            }
        }
        throw new RuntimeException("No id in zookeeper server list that corresponds to my id (" + i + ")");
    }

    static String serverSpec(ZookeeperServerConfig.Server server, boolean z) {
        StringBuilder sb = new StringBuilder();
        sb.append(server.hostname()).append(":").append(server.quorumPort()).append(":").append(server.electionPort());
        if (z) {
            sb.append(":").append("observer");
        }
        sb.append(";").append(server.clientPort());
        return sb.toString();
    }

    static Map<String, String> parseConfigFile(Path path) {
        try {
            return Files.exists(path, new LinkOption[0]) ? (Map) Files.readAllLines(path).stream().filter(str -> {
                return !str.startsWith("#");
            }).map(str2 -> {
                return str2.split("=", 2);
            }).collect(CustomCollectors.toLinkedMap(strArr -> {
                return strArr[0];
            }, strArr2 -> {
                return strArr2[1];
            })) : Map.of();
        } catch (IOException e) {
            throw new UncheckedIOException("error reading zookeeper config", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<String> zookeeperServerHostnames(ZookeeperServerConfig zookeeperServerConfig) {
        return zookeeperServerConfig.server().stream().map((v0) -> {
            return v0.hostname();
        }).distinct().toList();
    }

    static Path makeAbsolutePath(String str) {
        Path path = Paths.get(str, new String[0]);
        return path.isAbsolute() ? path : Paths.get(Defaults.getDefaults().underVespaHome(str), new String[0]);
    }
}
