package org.apache.accumulo.core.rpc;

import com.google.common.net.HostAndPort;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.security.KeyStore;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.accumulo.core.client.impl.ClientContext;
import org.apache.accumulo.core.client.impl.ThriftTransportPool;
import org.apache.accumulo.core.rpc.SaslConnectionParams;
import org.apache.accumulo.core.tabletserver.thrift.TabletClientService;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.thrift.TException;
import org.apache.thrift.TServiceClient;
import org.apache.thrift.TServiceClientFactory;
import org.apache.thrift.protocol.TProtocolFactory;
import org.apache.thrift.transport.TFramedTransport;
import org.apache.thrift.transport.TSSLTransportFactory;
import org.apache.thrift.transport.TSaslClientTransport;
import org.apache.thrift.transport.TSocket;
import org.apache.thrift.transport.TTransport;
import org.apache.thrift.transport.TTransportException;
import org.apache.thrift.transport.TTransportFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/accumulo/core/rpc/ThriftUtil.class */
public class ThriftUtil {
    private static final Logger log = LoggerFactory.getLogger(ThriftUtil.class);
    private static final TraceProtocolFactory protocolFactory = new TraceProtocolFactory();
    private static final TFramedTransport.Factory transportFactory = new TFramedTransport.Factory(Integer.MAX_VALUE);
    private static final Map<Integer, TTransportFactory> factoryCache = new HashMap();
    public static final String GSSAPI = "GSSAPI";
    public static final String DIGEST_MD5 = "DIGEST-MD5";

    public static TProtocolFactory protocolFactory() {
        return protocolFactory;
    }

    public static TTransportFactory transportFactory() {
        return transportFactory;
    }

    public static <T extends TServiceClient> T createClient(TServiceClientFactory<T> tServiceClientFactory, TTransport tTransport) {
        return (T) tServiceClientFactory.getClient(protocolFactory.getProtocol(tTransport), protocolFactory.getProtocol(tTransport));
    }

    public static <T extends TServiceClient> T getClientNoTimeout(TServiceClientFactory<T> tServiceClientFactory, HostAndPort hostAndPort, ClientContext clientContext) throws TTransportException {
        return (T) getClient(tServiceClientFactory, hostAndPort, clientContext, 0L);
    }

    public static <T extends TServiceClient> T getClient(TServiceClientFactory<T> tServiceClientFactory, HostAndPort hostAndPort, ClientContext clientContext) throws TTransportException {
        return (T) createClient(tServiceClientFactory, ThriftTransportPool.getInstance().getTransport(hostAndPort, clientContext.getClientTimeoutInMillis(), clientContext));
    }

    private static <T extends TServiceClient> T getClient(TServiceClientFactory<T> tServiceClientFactory, HostAndPort hostAndPort, ClientContext clientContext, long j) throws TTransportException {
        return (T) createClient(tServiceClientFactory, ThriftTransportPool.getInstance().getTransport(hostAndPort, j, clientContext));
    }

    public static void returnClient(TServiceClient tServiceClient) {
        if (tServiceClient != null) {
            ThriftTransportPool.getInstance().returnTransport(tServiceClient.getInputProtocol().getTransport());
        }
    }

    public static TabletClientService.Client getTServerClient(HostAndPort hostAndPort, ClientContext clientContext) throws TTransportException {
        return (TabletClientService.Client) getClient(new TabletClientService.Client.Factory(), hostAndPort, clientContext);
    }

    public static TabletClientService.Client getTServerClient(HostAndPort hostAndPort, ClientContext clientContext, long j) throws TTransportException {
        return (TabletClientService.Client) getClient(new TabletClientService.Client.Factory(), hostAndPort, clientContext, j);
    }

    public static TTransport createTransport(HostAndPort hostAndPort, ClientContext clientContext) throws TException {
        return createClientTransport(hostAndPort, (int) clientContext.getClientTimeoutInMillis(), clientContext.getClientSslParams(), clientContext.getSaslParams());
    }

    public static synchronized TTransportFactory transportFactory(int i) {
        TTransportFactory tTransportFactory = factoryCache.get(Integer.valueOf(i));
        if (tTransportFactory == null) {
            tTransportFactory = new TFramedTransport.Factory(i);
            factoryCache.put(Integer.valueOf(i), tTransportFactory);
        }
        return tTransportFactory;
    }

    public static synchronized TTransportFactory transportFactory(long j) {
        if (j > 2147483647L || j < 1) {
            throw new RuntimeException("Thrift transport frames are limited to 2147483647");
        }
        return transportFactory((int) j);
    }

    public static TTransport createClientTransport(HostAndPort hostAndPort, int i, SslConnectionParams sslConnectionParams, SaslConnectionParams saslConnectionParams) throws TTransportException {
        TTransport tTransport = null;
        try {
            if (sslConnectionParams != null) {
                if (null != saslConnectionParams) {
                    throw new IllegalStateException("Cannot use both SSL and SASL");
                }
                log.trace("Creating SSL client transport");
                tTransport = transportFactory().getTransport(sslConnectionParams.useJsse() ? TSSLTransportFactory.getClientSocket(hostAndPort.getHostText(), hostAndPort.getPort(), i) : createClient(new ProtocolOverridingSSLSocketFactory(createSSLContext(sslConnectionParams).getSocketFactory(), new String[]{sslConnectionParams.getClientProtocol()}), hostAndPort.getHostText(), hostAndPort.getPort(), i));
            } else if (null == saslConnectionParams) {
                log.trace("Opening normal transport");
                if (i == 0) {
                    tTransport = new TSocket(hostAndPort.getHostText(), hostAndPort.getPort());
                    tTransport.open();
                } else {
                    try {
                        tTransport = TTimeoutTransport.create(hostAndPort, i);
                        tTransport.open();
                    } catch (IOException e) {
                        log.warn("Failed to open transport to " + hostAndPort);
                        throw new TTransportException(e);
                    }
                }
                tTransport = transportFactory().getTransport(tTransport);
            } else {
                if (!UserGroupInformation.isSecurityEnabled()) {
                    throw new IllegalStateException("Expected Kerberos security to be enabled if SASL is in use");
                }
                log.trace("Creating SASL connection to {}:{}", hostAndPort.getHostText(), Integer.valueOf(hostAndPort.getPort()));
                try {
                    tTransport = TTimeoutTransport.create(hostAndPort, i);
                    try {
                        UserGroupInformation currentUser = UserGroupInformation.getCurrentUser();
                        String canonicalHostName = InetAddress.getByName(hostAndPort.getHostText()).getCanonicalHostName();
                        SaslConnectionParams.SaslMechanism mechanism = saslConnectionParams.getMechanism();
                        log.trace("Opening transport to server as {} to {}/{} using {}", new Object[]{currentUser, saslConnectionParams.getKerberosServerPrimary(), canonicalHostName, mechanism});
                        tTransport = new UGIAssumingTransport(new TSaslClientTransport(mechanism.getMechanismName(), (String) null, saslConnectionParams.getKerberosServerPrimary(), canonicalHostName, saslConnectionParams.getSaslProperties(), saslConnectionParams.getCallbackHandler(), tTransport), currentUser);
                        tTransport.open();
                    } catch (IOException e2) {
                        log.warn("Failed to open SASL transport", e2);
                        throw new TTransportException(e2);
                    }
                } catch (IOException e3) {
                    log.warn("Failed to open transport to {}", hostAndPort);
                    throw new TTransportException(e3);
                }
            }
            if (1 == 0 && tTransport != null) {
                tTransport.close();
            }
            return tTransport;
        } catch (Throwable th) {
            if (0 == 0 && tTransport != null) {
                tTransport.close();
            }
            throw th;
        }
    }

    private static SSLContext createSSLContext(SslConnectionParams sslConnectionParams) throws TTransportException {
        try {
            SSLContext sSLContext = SSLContext.getInstance(sslConnectionParams.getClientProtocol());
            TrustManagerFactory trustManagerFactory = null;
            KeyManagerFactory keyManagerFactory = null;
            if (sslConnectionParams.isTrustStoreSet()) {
                trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
                KeyStore keyStore = KeyStore.getInstance(sslConnectionParams.getTrustStoreType());
                FileInputStream fileInputStream = new FileInputStream(sslConnectionParams.getTrustStorePath());
                Throwable th = null;
                try {
                    keyStore.load(fileInputStream, sslConnectionParams.getTrustStorePass().toCharArray());
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    trustManagerFactory.init(keyStore);
                } finally {
                }
            }
            if (sslConnectionParams.isKeyStoreSet()) {
                keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                KeyStore keyStore2 = KeyStore.getInstance(sslConnectionParams.getKeyStoreType());
                FileInputStream fileInputStream2 = new FileInputStream(sslConnectionParams.getKeyStorePath());
                Throwable th3 = null;
                try {
                    keyStore2.load(fileInputStream2, sslConnectionParams.getKeyStorePass().toCharArray());
                    if (fileInputStream2 != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream2.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        } else {
                            fileInputStream2.close();
                        }
                    }
                    keyManagerFactory.init(keyStore2, sslConnectionParams.getKeyStorePass().toCharArray());
                } finally {
                }
            }
            if (sslConnectionParams.isKeyStoreSet() && sslConnectionParams.isTrustStoreSet()) {
                sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            } else if (sslConnectionParams.isKeyStoreSet()) {
                sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
            } else {
                sSLContext.init(null, trustManagerFactory.getTrustManagers(), null);
            }
            return sSLContext;
        } catch (Exception e) {
            throw new TTransportException("Error creating the transport", e);
        }
    }

    private static TSocket createClient(SSLSocketFactory sSLSocketFactory, String str, int i, int i2) throws TTransportException {
        try {
            SSLSocket sSLSocket = (SSLSocket) sSLSocketFactory.createSocket(str, i);
            sSLSocket.setSoTimeout(i2);
            return new TSocket(sSLSocket);
        } catch (Exception e) {
            throw new TTransportException("Could not connect to " + str + " on port " + i, e);
        }
    }
}
