package com.gemstone.gemfire.internal.cache.tier.sockets;

import com.gemstone.gemfire.DataSerializer;
import com.gemstone.gemfire.cache.IncompatibleVersionException;
import com.gemstone.gemfire.cache.UnsupportedVersionException;
import com.gemstone.gemfire.cache.VersionException;
import com.gemstone.gemfire.distributed.DistributedMember;
import com.gemstone.gemfire.distributed.internal.InternalDistributedSystem;
import com.gemstone.gemfire.internal.HeapDataOutputStream;
import com.gemstone.gemfire.internal.Version;
import com.gemstone.gemfire.internal.VersionedDataStream;
import com.gemstone.gemfire.internal.cache.tier.Acceptor;
import com.gemstone.gemfire.internal.i18n.LocalizedStrings;
import com.gemstone.gemfire.internal.logging.InternalLogWriter;
import com.gemstone.gemfire.internal.logging.LogService;
import com.gemstone.gemfire.internal.logging.log4j.LocalizedMessage;
import com.gemstone.gemfire.internal.security.AuthorizeRequest;
import com.gemstone.gemfire.internal.security.AuthorizeRequestPP;
import com.gemstone.gemfire.security.AuthenticationFailedException;
import com.gemstone.gemfire.security.AuthenticationRequiredException;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.IOException;
import java.io.OutputStream;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.SocketException;
import java.net.SocketTimeoutException;
import java.security.Principal;
import java.util.Properties;
import org.apache.logging.log4j.Logger;
import org.apache.shiro.subject.Subject;

/* loaded from: input_file:com/gemstone/gemfire/internal/cache/tier/sockets/ServerHandShakeProcessor.class */
public class ServerHandShakeProcessor {
    protected static final byte REPLY_REFUSED = 60;
    protected static final byte REPLY_INVALID = 61;
    private static final Logger logger = LogService.getLogger();
    public static Version currentServerVersion = Acceptor.VERSION;

    public static void setSeverVersionForTesting(short s) {
        currentServerVersion = Version.fromOrdinalOrCurrent(s);
    }

    public static boolean readHandShake(ServerConnection serverConnection) {
        boolean z = false;
        Version version = null;
        try {
            version = readClientVersion(serverConnection);
        } catch (UnsupportedVersionException e) {
            logger.warn("{} {}", serverConnection.getName(), e.getMessage(), e);
            serverConnection.refuseHandshake(e.getMessage(), (byte) 60);
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.cleanup();
            z = false;
        } catch (IOException e2) {
            if (serverConnection.getAcceptor().isRunning()) {
                logger.warn("{} {}", serverConnection.getName(), e2.getMessage(), e2);
            }
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.cleanup();
            z = false;
        } catch (Exception e3) {
            logger.warn("{} {}", serverConnection.getName(), e3.getMessage(), e3);
            serverConnection.refuseHandshake(LocalizedStrings.ServerHandShakeProcessor_0_SERVERS_CURRENT_VERSION_IS_1.toLocalizedString(e3.getMessage(), Acceptor.VERSION.toString()), (byte) 60);
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.cleanup();
            z = false;
        }
        if (version != null) {
            if (logger.isDebugEnabled()) {
                logger.debug("Client version: {}", version);
            }
            if (version.compareTo(Version.GFE_57) >= 0) {
                z = readGFEHandshake(serverConnection, version);
            } else {
                serverConnection.refuseHandshake("Unsupported version " + version + "Server's current version " + Acceptor.VERSION, (byte) 60);
            }
        }
        return z;
    }

    public static void refuse(OutputStream outputStream, String str) throws IOException {
        refuse(outputStream, str, (byte) 60);
    }

    public static void refuse(OutputStream outputStream, String str, byte b) throws IOException {
        HeapDataOutputStream heapDataOutputStream = new HeapDataOutputStream(32, Version.CURRENT);
        DataOutputStream dataOutputStream = new DataOutputStream(heapDataOutputStream);
        dataOutputStream.writeByte(b);
        dataOutputStream.writeByte(0);
        dataOutputStream.writeInt(0);
        writeServerMember(InternalDistributedSystem.getAnyInstance().getDistributedMember(), dataOutputStream);
        if (str == null) {
            str = "";
        }
        dataOutputStream.writeUTF(str);
        dataOutputStream.writeBoolean(Boolean.TRUE.booleanValue());
        outputStream.write(heapDataOutputStream.toByteArray());
        outputStream.flush();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Multi-variable type inference failed */
    public static void writeServerMember(DistributedMember distributedMember, DataOutputStream dataOutputStream) throws IOException {
        Version version = Version.CURRENT;
        if (dataOutputStream instanceof VersionedDataStream) {
            version = ((VersionedDataStream) dataOutputStream).getVersion();
        }
        HeapDataOutputStream heapDataOutputStream = new HeapDataOutputStream(version);
        DataSerializer.writeObject(distributedMember, heapDataOutputStream);
        DataSerializer.writeByteArray(heapDataOutputStream.toByteArray(), dataOutputStream);
        heapDataOutputStream.close();
    }

    private static boolean readGFEHandshake(ServerConnection serverConnection, Version version) {
        int handShakeTimeout = serverConnection.getHandShakeTimeout();
        InternalLogWriter securityLogWriter = serverConnection.getSecurityLogWriter();
        try {
            HandShake handShake = new HandShake(serverConnection.getSocket(), handShakeTimeout, serverConnection.getDistributedSystem(), version, serverConnection.getCommunicationMode());
            serverConnection.setHandshake(handShake);
            serverConnection.setProxyId(handShake.getMembership());
            if (version.compareTo(Version.GFE_65) < 0 || serverConnection.getCommunicationMode() == 103) {
                serverConnection.setUserAuthId(setAuthAttributes(serverConnection));
            }
            return true;
        } catch (AuthenticationFailedException e) {
            String localizedMessage = e.getLocalizedMessage();
            if (e.getCause() != null) {
                localizedMessage = localizedMessage + " : " + e.getCause().getLocalizedMessage();
            }
            if (securityLogWriter.warningEnabled()) {
                securityLogWriter.warning(LocalizedStrings.ONE_ARG, serverConnection.getName() + ": Security exception: " + localizedMessage);
            }
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.refuseHandshake(e.getMessage(), (byte) 63);
            serverConnection.cleanup();
            return false;
        } catch (AuthenticationRequiredException e2) {
            String localizedMessage2 = e2.getLocalizedMessage();
            if (e2.getCause() != null) {
                localizedMessage2 = localizedMessage2 + " : " + e2.getCause().getLocalizedMessage();
            }
            if (securityLogWriter.warningEnabled()) {
                securityLogWriter.warning(LocalizedStrings.ONE_ARG, serverConnection.getName() + ": Security exception: " + localizedMessage2);
            }
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.refuseHandshake(e2.getMessage(), (byte) 62);
            serverConnection.cleanup();
            return false;
        } catch (EOFException e3) {
            logger.info("{} {}", serverConnection.getName(), e3);
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.cleanup();
            return false;
        } catch (SocketException e4) {
            logger.info("{} {}", serverConnection.getName(), e4);
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.cleanup();
            return false;
        } catch (SocketTimeoutException e5) {
            logger.warn(LocalizedMessage.create(LocalizedStrings.ServerHandShakeProcessor_0_HANDSHAKE_REPLY_CODE_TIMEOUT_NOT_RECEIVED_WITH_IN_1_MS, new Object[]{serverConnection.getName(), Integer.valueOf(handShakeTimeout)}));
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.cleanup();
            return false;
        } catch (IOException e6) {
            logger.warn(LocalizedMessage.create(LocalizedStrings.ServerHandShakeProcessor_0_RECEIVED_NO_HANDSHAKE_REPLY_CODE, serverConnection.getName()), e6);
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.cleanup();
            return false;
        } catch (Exception e7) {
            logger.warn("{} {}", serverConnection.getName(), e7.getLocalizedMessage());
            serverConnection.stats.incFailedConnectionAttempts();
            serverConnection.refuseHandshake(e7.getMessage(), (byte) 60);
            serverConnection.cleanup();
            return false;
        }
    }

    public static long setAuthAttributes(ServerConnection serverConnection) throws Exception {
        long uniqueId;
        try {
            logger.debug("setAttributes()");
            Object verifyCredentials = ((HandShake) serverConnection.getHandshake()).verifyCredentials();
            if (verifyCredentials instanceof Subject) {
                uniqueId = ServerConnection.getClientUserAuths(serverConnection.getProxyID()).putSubject((Subject) verifyCredentials);
            } else {
                uniqueId = getUniqueId(serverConnection, (Principal) verifyCredentials);
                serverConnection.setPrincipal((Principal) verifyCredentials);
            }
            return uniqueId;
        } catch (Exception e) {
            throw e;
        }
    }

    public static long getUniqueId(ServerConnection serverConnection, Principal principal) throws Exception {
        try {
            InternalLogWriter securityLogWriter = serverConnection.getSecurityLogWriter();
            Properties properties = serverConnection.getDistributedSystem().getProperties();
            String property = properties.getProperty("security-client-accessor");
            String property2 = properties.getProperty("security-client-accessor-pp");
            AuthorizeRequest authorizeRequest = null;
            AuthorizeRequestPP authorizeRequestPP = null;
            if (property != null && property.length() > 0) {
                if (securityLogWriter.fineEnabled()) {
                    securityLogWriter.fine(serverConnection.getName() + ": Setting pre-process authorization callback to: " + property);
                }
                if (principal == null && securityLogWriter.warningEnabled()) {
                    securityLogWriter.warning(LocalizedStrings.ServerHandShakeProcessor_0_AUTHORIZATION_ENABLED_BUT_AUTHENTICATION_CALLBACK_1_RETURNED_WITH_NULL_CREDENTIALS_FOR_PROXYID_2, new Object[]{serverConnection.getName(), "security-client-authenticator", serverConnection.getProxyID()});
                }
                authorizeRequest = new AuthorizeRequest(property, serverConnection.getProxyID(), principal, serverConnection.getCache());
            }
            if (property2 != null && property2.length() > 0) {
                if (securityLogWriter.fineEnabled()) {
                    securityLogWriter.fine(serverConnection.getName() + ": Setting post-process authorization callback to: " + property2);
                }
                if (principal == null && securityLogWriter.warningEnabled()) {
                    securityLogWriter.warning(LocalizedStrings.ServerHandShakeProcessor_0_POSTPROCESS_AUTHORIZATION_ENABLED_BUT_NO_AUTHENTICATION_CALLBACK_2_IS_CONFIGURED, new Object[]{serverConnection.getName(), "security-client-authenticator"});
                }
                authorizeRequestPP = new AuthorizeRequestPP(property2, serverConnection.getProxyID(), principal, serverConnection.getCache());
            }
            return serverConnection.setUserAuthorizeAndPostAuthorizeRequest(authorizeRequest, authorizeRequestPP);
        } catch (Exception e) {
            throw e;
        }
    }

    private static Version readClientVersion(ServerConnection serverConnection) throws IOException, VersionException {
        Socket socket = serverConnection.getSocket();
        int handShakeTimeout = serverConnection.getHandShakeTimeout();
        int i = -1;
        try {
            i = socket.getSoTimeout();
            socket.setSoTimeout(handShakeTimeout);
            short readOrdinalFromInputStream = Version.readOrdinalFromInputStream(socket.getInputStream());
            if (readOrdinalFromInputStream == -1) {
                throw new EOFException(LocalizedStrings.ServerHandShakeProcessor_HANDSHAKEREADER_EOF_REACHED_BEFORE_CLIENT_VERSION_COULD_BE_READ.toLocalizedString());
            }
            try {
                Version fromOrdinal = Version.fromOrdinal(readOrdinalFromInputStream, true);
                if (!fromOrdinal.compatibleWith(Acceptor.VERSION)) {
                    throw new IncompatibleVersionException(fromOrdinal, Acceptor.VERSION);
                }
                if (i != -1) {
                    try {
                        socket.setSoTimeout(i);
                    } catch (IOException e) {
                    }
                }
                return fromOrdinal;
            } catch (UnsupportedVersionException e2) {
                if (serverConnection.getCommunicationMode() != 103 || readOrdinalFromInputStream == 59) {
                    SocketAddress remoteSocketAddress = socket.getRemoteSocketAddress();
                    throw new UnsupportedVersionException(e2.getMessage() + (remoteSocketAddress != null ? " Client: " + remoteSocketAddress.toString() + "." : ""));
                }
                Version version = Acceptor.VERSION;
                if (i != -1) {
                    try {
                        socket.setSoTimeout(i);
                    } catch (IOException e3) {
                    }
                }
                return version;
            }
        } catch (Throwable th) {
            if (i != -1) {
                try {
                    socket.setSoTimeout(i);
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }
}
