package org.apache.hadoop.security;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Map;
import java.util.TreeMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.SaslRpcServer;
import org.apache.hadoop.util.CombinedIPWhiteList;
import org.apache.hadoop.util.StringUtils;

/* loaded from: input_file:lib/hadoop-common-2.7.5.0.jar:org/apache/hadoop/security/WhitelistBasedResolver.class */
public class WhitelistBasedResolver extends SaslPropertiesResolver {
    public static final Log LOG = LogFactory.getLog(WhitelistBasedResolver.class);
    private static final String FIXEDWHITELIST_DEFAULT_LOCATION = "/etc/hadoop/fixedwhitelist";
    private static final String VARIABLEWHITELIST_DEFAULT_LOCATION = "/etc/hadoop/whitelist";
    public static final String HADOOP_SECURITY_SASL_FIXEDWHITELIST_FILE = "hadoop.security.sasl.fixedwhitelist.file";
    public static final String HADOOP_SECURITY_SASL_VARIABLEWHITELIST_ENABLE = "hadoop.security.sasl.variablewhitelist.enable";
    public static final String HADOOP_SECURITY_SASL_VARIABLEWHITELIST_FILE = "hadoop.security.sasl.variablewhitelist.file";
    public static final String HADOOP_SECURITY_SASL_VARIABLEWHITELIST_CACHE_SECS = "hadoop.security.sasl.variablewhitelist.cache.secs";
    public static final String HADOOP_RPC_PROTECTION_NON_WHITELIST = "hadoop.rpc.protection.non-whitelist";
    private CombinedIPWhiteList whiteList;
    private Map<String, String> saslProps;

    @Override // org.apache.hadoop.security.SaslPropertiesResolver, org.apache.hadoop.conf.Configurable
    public void setConf(Configuration configuration) {
        super.setConf(configuration);
        String str = configuration.get(HADOOP_SECURITY_SASL_FIXEDWHITELIST_FILE, FIXEDWHITELIST_DEFAULT_LOCATION);
        String str2 = null;
        long j = 0;
        if (configuration.getBoolean(HADOOP_SECURITY_SASL_VARIABLEWHITELIST_ENABLE, false)) {
            str2 = configuration.get(HADOOP_SECURITY_SASL_VARIABLEWHITELIST_FILE, VARIABLEWHITELIST_DEFAULT_LOCATION);
            j = configuration.getLong(HADOOP_SECURITY_SASL_VARIABLEWHITELIST_CACHE_SECS, 3600L) * 1000;
        }
        this.whiteList = new CombinedIPWhiteList(str, str2, j);
        this.saslProps = getSaslProperties(configuration);
    }

    @Override // org.apache.hadoop.security.SaslPropertiesResolver
    public Map<String, String> getServerProperties(InetAddress inetAddress) {
        if (inetAddress != null && this.whiteList.isIn(inetAddress.getHostAddress())) {
            return getDefaultProperties();
        }
        return this.saslProps;
    }

    public Map<String, String> getServerProperties(String str) throws UnknownHostException {
        return str == null ? this.saslProps : getServerProperties(InetAddress.getByName(str));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Map<String, String> getSaslProperties(Configuration configuration) {
        TreeMap treeMap = new TreeMap();
        String[] strings = configuration.getStrings(HADOOP_RPC_PROTECTION_NON_WHITELIST, SaslRpcServer.QualityOfProtection.PRIVACY.toString());
        for (int i = 0; i < strings.length; i++) {
            strings[i] = SaslRpcServer.QualityOfProtection.valueOf(StringUtils.toUpperCase(strings[i])).getSaslQop();
        }
        treeMap.put("javax.security.sasl.qop", StringUtils.join(",", strings));
        treeMap.put("javax.security.sasl.server.authentication", "true");
        return treeMap;
    }
}
