package org.apache.geode.internal.net;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.BindException;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.NetworkInterface;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketException;
import java.net.UnknownHostException;
import java.nio.channels.ServerSocketChannel;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attribute;
import javax.naming.directory.InitialDirContext;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import org.apache.commons.lang.StringUtils;
import org.apache.geode.GemFireConfigException;
import org.apache.geode.SystemConnectException;
import org.apache.geode.SystemFailure;
import org.apache.geode.admin.internal.InetAddressUtil;
import org.apache.geode.cache.wan.GatewaySender;
import org.apache.geode.cache.wan.GatewayTransportFilter;
import org.apache.geode.distributed.ClientSocketFactory;
import org.apache.geode.distributed.internal.DistributionConfig;
import org.apache.geode.distributed.internal.DistributionConfigImpl;
import org.apache.geode.distributed.internal.InternalDistributedSystem;
import org.apache.geode.internal.ClassPathLoader;
import org.apache.geode.internal.ConnectionWatcher;
import org.apache.geode.internal.GfeConsoleReaderFactory;
import org.apache.geode.internal.admin.SSLConfig;
import org.apache.geode.internal.cache.wan.TransportFilterServerSocket;
import org.apache.geode.internal.cache.wan.TransportFilterSocketFactory;
import org.apache.geode.internal.i18n.LocalizedStrings;
import org.apache.geode.internal.logging.LogService;
import org.apache.geode.internal.logging.log4j.LocalizedMessage;
import org.apache.geode.internal.security.SecurableCommunicationChannel;
import org.apache.geode.internal.tcp.TCPConduit;
import org.apache.geode.internal.util.ArgumentRedactor;
import org.apache.geode.internal.util.PasswordUtil;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/apache/geode/internal/net/SocketCreator.class */
public class SocketCreator {
    private static final Logger logger = LogService.getLogger();
    public static final String USE_LINK_LOCAL_ADDRESSES_PROPERTY = "gemfire.net.useLinkLocalAddresses";
    private static final boolean useLinkLocalAddresses = Boolean.getBoolean(USE_LINK_LOCAL_ADDRESSES_PROPERTY);
    private static final InetAddress localHost;
    private static boolean useIPv6Addresses;
    private static final Map<InetAddress, String> hostNames;
    public static final boolean FORCE_DNS_USE;
    public static volatile boolean resolve_dns;
    public static volatile boolean use_client_host_name;
    private boolean ready = false;
    private boolean configShown = false;
    private SSLContext sslContext;
    private SSLConfig sslConfig;
    private ClientSocketFactory clientSocketFactory;
    public static final boolean ENABLE_TCP_KEEP_ALIVE;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/geode/internal/net/SocketCreator$ExtendedAliasKeyManager.class */
    public static class ExtendedAliasKeyManager extends X509ExtendedKeyManager {
        private final X509ExtendedKeyManager delegate;
        private final String keyAlias;

        ExtendedAliasKeyManager(KeyManager keyManager, String str) {
            this.delegate = (X509ExtendedKeyManager) keyManager;
            this.keyAlias = str;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.delegate.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return !StringUtils.isEmpty(this.keyAlias) ? this.keyAlias : this.delegate.chooseClientAlias(strArr, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.delegate.getServerAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return !StringUtils.isEmpty(this.keyAlias) ? getKeyAlias(str, this.delegate.getPrivateKey(this.keyAlias)) : this.delegate.chooseServerAlias(str, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return !StringUtils.isEmpty(this.keyAlias) ? this.delegate.getCertificateChain(this.keyAlias) : this.delegate.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.delegate.getPrivateKey(str);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            return !StringUtils.isEmpty(this.keyAlias) ? getKeyAlias(str, this.delegate.getPrivateKey(this.keyAlias)) : this.delegate.chooseEngineServerAlias(str, principalArr, sSLEngine);
        }

        private String getKeyAlias(String str, PrivateKey privateKey) {
            if (privateKey == null || !privateKey.getAlgorithm().equals(str)) {
                return null;
            }
            return this.keyAlias;
        }
    }

    public SocketCreator(SSLConfig sSLConfig) {
        this.sslConfig = sSLConfig;
        initialize();
    }

    public static InetAddress getLocalHost() throws UnknownHostException {
        if (localHost == null) {
            throw new UnknownHostException();
        }
        return localHost;
    }

    public static boolean preferIPv6Addresses() {
        return useIPv6Addresses;
    }

    public static synchronized String getHostName(InetAddress inetAddress) {
        String str = hostNames.get(inetAddress);
        if (str == null) {
            str = inetAddress.getHostName();
            hostNames.put(inetAddress, str);
        }
        return str;
    }

    public static synchronized String getCanonicalHostName(InetAddress inetAddress, String str) {
        String str2 = hostNames.get(inetAddress);
        if (str2 != null) {
            return str2;
        }
        hostNames.put(inetAddress, str);
        return str;
    }

    public static synchronized void resetHostNameCache() {
        hostNames.clear();
    }

    private void initialize() {
        try {
            if (SecurableCommunicationChannel.CLUSTER.equals(this.sslConfig.getSecuredCommunicationChannel())) {
                if (this.sslConfig.isEnabled()) {
                    System.setProperty("p2p.useSSL", DistributionConfig.CLIENT_CONFLATION_PROP_VALUE_ON);
                    System.setProperty("p2p.oldIO", DistributionConfig.CLIENT_CONFLATION_PROP_VALUE_ON);
                    System.setProperty("p2p.nodirectBuffers", DistributionConfig.CLIENT_CONFLATION_PROP_VALUE_ON);
                } else {
                    System.setProperty("p2p.useSSL", DistributionConfig.CLIENT_CONFLATION_PROP_VALUE_OFF);
                }
            }
            try {
                if (this.sslConfig.isEnabled() && this.sslContext == null) {
                    this.sslContext = createAndConfigureSSLContext();
                }
                TCPConduit.init();
                initializeClientSocketFactory();
                this.ready = true;
            } catch (Exception e) {
                throw new GemFireConfigException("Error configuring GemFire ssl ", e);
            }
        } catch (Error e2) {
            SystemFailure.checkFailure();
            e2.printStackTrace();
            throw e2;
        } catch (RuntimeException e3) {
            e3.printStackTrace();
            throw e3;
        } catch (VirtualMachineError e4) {
            SystemFailure.initiateFailure(e4);
            throw e4;
        }
    }

    private SSLContext createAndConfigureSSLContext() throws GeneralSecurityException, IOException {
        SSLContext sSLContextInstance = getSSLContextInstance();
        sSLContextInstance.init(getKeyManagers(), getTrustManagers(), null);
        return sSLContextInstance;
    }

    public static void readSSLProperties(Map<String, String> map) {
        readSSLProperties(map, false);
    }

    public static void readSSLProperties(Map<String, String> map, boolean z) {
        Properties properties = new Properties();
        DistributionConfigImpl.loadGemFireProperties(properties, z);
        for (Map.Entry entry : properties.entrySet()) {
            if (((String) entry.getKey()).startsWith(DistributionConfig.SSL_SYSTEM_PROPS_NAME) || ((String) entry.getKey()).startsWith(DistributionConfig.SYS_PROP_NAME)) {
                String str = (String) entry.getKey();
                if (str.startsWith(DistributionConfig.SYS_PROP_NAME)) {
                    str = str.substring(DistributionConfig.SYS_PROP_NAME.length());
                }
                if (entry.getValue() == null || ((String) entry.getValue()).trim().equals("")) {
                    GfeConsoleReaderFactory.GfeConsoleReader defaultConsoleReader = GfeConsoleReaderFactory.getDefaultConsoleReader();
                    if (!defaultConsoleReader.isSupported()) {
                        throw new GemFireConfigException("SSL properties are empty, but a console is not available");
                    }
                    map.put(str, defaultConsoleReader.readLine("Please enter " + str + ": "));
                }
            }
        }
    }

    private SSLContext getSSLContextInstance() {
        String[] protocolsAsStringArray = this.sslConfig.getProtocolsAsStringArray();
        SSLContext sSLContext = null;
        if (protocolsAsStringArray != null && protocolsAsStringArray.length > 0) {
            for (String str : protocolsAsStringArray) {
                if (!str.equals("any")) {
                    try {
                        sSLContext = SSLContext.getInstance(str);
                        break;
                    } catch (NoSuchAlgorithmException e) {
                    }
                }
            }
        }
        if (sSLContext != null) {
            return sSLContext;
        }
        for (String str2 : new String[]{"SSL", "SSLv2", "SSLv3", "TLS", "TLSv1", "TLSv1.1", "TLSv1.2"}) {
            try {
                sSLContext = SSLContext.getInstance(str2);
                break;
            } catch (NoSuchAlgorithmException e2) {
            }
        }
        return sSLContext;
    }

    private TrustManager[] getTrustManagers() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        GfeConsoleReaderFactory.GfeConsoleReader defaultConsoleReader = GfeConsoleReaderFactory.getDefaultConsoleReader();
        String truststoreType = this.sslConfig.getTruststoreType();
        if (StringUtils.isEmpty(truststoreType)) {
            truststoreType = defaultConsoleReader.isSupported() ? defaultConsoleReader.readLine("Please enter the trustStoreType (javax.net.ssl.trustStoreType) : ") : KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(truststoreType);
        String truststore = this.sslConfig.getTruststore();
        if (StringUtils.isEmpty(truststore) && defaultConsoleReader.isSupported()) {
            truststore = defaultConsoleReader.readLine("Please enter the trustStore location (javax.net.ssl.trustStore) : ");
        }
        FileInputStream fileInputStream = new FileInputStream(truststore);
        String truststorePassword = this.sslConfig.getTruststorePassword();
        char[] cArr = null;
        if (truststorePassword != null) {
            if (truststorePassword.trim().equals("")) {
                if (!StringUtils.isEmpty(truststorePassword)) {
                    truststorePassword = PasswordUtil.decrypt("encrypted(" + truststorePassword + ")");
                    cArr = truststorePassword.toCharArray();
                }
                if (StringUtils.isEmpty(truststorePassword) && defaultConsoleReader.isSupported()) {
                    cArr = defaultConsoleReader.readPassword("Please enter password for trustStore (javax.net.ssl.trustStorePassword) : ");
                }
            } else {
                cArr = truststorePassword.toCharArray();
            }
        }
        keyStore.load(fileInputStream, cArr);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (cArr != null) {
            Arrays.fill(cArr, ' ');
        }
        return trustManagers;
    }

    private KeyManager[] getKeyManagers() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException {
        GfeConsoleReaderFactory.GfeConsoleReader defaultConsoleReader = GfeConsoleReaderFactory.getDefaultConsoleReader();
        if (this.sslConfig.getKeystore() == null) {
            return null;
        }
        String keystoreType = this.sslConfig.getKeystoreType();
        if (StringUtils.isEmpty(keystoreType)) {
            keystoreType = defaultConsoleReader.isSupported() ? defaultConsoleReader.readLine("Please enter the keyStoreType (javax.net.ssl.keyStoreType) : ") : KeyStore.getDefaultType();
        }
        KeyStore keyStore = KeyStore.getInstance(keystoreType);
        String keystore = this.sslConfig.getKeystore();
        if (StringUtils.isEmpty(keystore)) {
            keystore = defaultConsoleReader.isSupported() ? defaultConsoleReader.readLine("Please enter the keyStore location (javax.net.ssl.keyStore) : ") : System.getProperty("user.home") + System.getProperty("file.separator") + ".keystore";
        }
        FileInputStream fileInputStream = new FileInputStream(keystore);
        String keystorePassword = this.sslConfig.getKeystorePassword();
        char[] cArr = null;
        if (keystorePassword != null) {
            if (keystorePassword.trim().equals("")) {
                String str = System.getenv(SSLConfigurationFactory.JAVAX_KEYSTORE_PASSWORD);
                if (!StringUtils.isEmpty(str)) {
                    keystorePassword = PasswordUtil.decrypt("encrypted(" + str + ")");
                    cArr = keystorePassword.toCharArray();
                }
                if (StringUtils.isEmpty(keystorePassword) && defaultConsoleReader != null) {
                    cArr = defaultConsoleReader.readPassword("Please enter password for keyStore (javax.net.ssl.keyStorePassword) : ");
                }
            } else {
                cArr = keystorePassword.toCharArray();
            }
        }
        keyStore.load(fileInputStream, cArr);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, cArr);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (cArr != null) {
            Arrays.fill(cArr, ' ');
        }
        KeyManager[] keyManagerArr = new KeyManager[keyManagers.length];
        for (int i = 0; i < keyManagers.length; i++) {
            keyManagerArr[i] = new ExtendedAliasKeyManager(keyManagers[i], this.sslConfig.getAlias());
        }
        return keyManagerArr;
    }

    public SSLContext getSslContext() {
        return this.sslContext;
    }

    public boolean useSSL() {
        return this.sslConfig.isEnabled();
    }

    public ServerSocket createServerSocket(int i, int i2) throws IOException {
        return createServerSocket(i, i2, null);
    }

    public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress, List<GatewayTransportFilter> list, int i3) throws IOException {
        if (list.isEmpty()) {
            return createServerSocket(i, i2, inetAddress, i3);
        }
        printConfig();
        TransportFilterServerSocket transportFilterServerSocket = new TransportFilterServerSocket(list);
        transportFilterServerSocket.setReuseAddress(true);
        transportFilterServerSocket.setReceiveBufferSize(i3);
        try {
            transportFilterServerSocket.bind(new InetSocketAddress(inetAddress, i), i2);
            return transportFilterServerSocket;
        } catch (BindException e) {
            BindException bindException = new BindException(LocalizedStrings.SocketCreator_FAILED_TO_CREATE_SERVER_SOCKET_ON_0_1.toLocalizedString(inetAddress, Integer.valueOf(i)));
            bindException.initCause(e);
            throw bindException;
        }
    }

    public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
        return createServerSocket(i, i2, inetAddress, -1, this.sslConfig.isEnabled());
    }

    public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress, int i3) throws IOException {
        return createServerSocket(i, i2, inetAddress, i3, this.sslConfig.isEnabled());
    }

    private ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress, int i3, boolean z) throws IOException {
        printConfig();
        if (z) {
            if (this.sslContext == null) {
                throw new GemFireConfigException("SSL not configured correctly, Please look at previous error");
            }
            SSLServerSocket sSLServerSocket = (SSLServerSocket) this.sslContext.getServerSocketFactory().createServerSocket();
            sSLServerSocket.setReuseAddress(true);
            if (i3 != -1) {
                sSLServerSocket.setReceiveBufferSize(i3);
            }
            sSLServerSocket.bind(new InetSocketAddress(inetAddress, i), i2);
            finishServerSocket(sSLServerSocket);
            return sSLServerSocket;
        }
        ServerSocket serverSocket = new ServerSocket();
        serverSocket.setReuseAddress(true);
        if (i3 != -1) {
            serverSocket.setReceiveBufferSize(i3);
        }
        try {
            serverSocket.bind(new InetSocketAddress(inetAddress, i), i2);
            return serverSocket;
        } catch (BindException e) {
            BindException bindException = new BindException(LocalizedStrings.SocketCreator_FAILED_TO_CREATE_SERVER_SOCKET_ON_0_1.toLocalizedString(inetAddress, Integer.valueOf(i)));
            bindException.initCause(e);
            throw bindException;
        }
    }

    public ServerSocket createServerSocketUsingPortRange(InetAddress inetAddress, int i, boolean z, boolean z2, int i2, int[] iArr) throws IOException {
        return createServerSocketUsingPortRange(inetAddress, i, z, z2, i2, iArr, this.sslConfig.isEnabled());
    }

    public ServerSocket createServerSocketUsingPortRange(InetAddress inetAddress, int i, boolean z, boolean z2, int i2, int[] iArr, boolean z3) throws IOException {
        ServerSocket createServerSocket;
        SecureRandom secureRandom = new SecureRandom();
        int i3 = iArr[1];
        int nextInt = iArr[0] + secureRandom.nextInt((iArr[1] - iArr[0]) + 1);
        int i4 = nextInt;
        while (true) {
            if (i4 > i3) {
                if (nextInt == 0) {
                    throw new SystemConnectException(LocalizedStrings.TCPConduit_UNABLE_TO_FIND_FREE_PORT.toLocalizedString());
                }
                i4 = iArr[0];
                i3 = nextInt - 1;
                nextInt = 0;
            }
            try {
                if (z2) {
                    createServerSocket = ServerSocketChannel.open().socket();
                    createServerSocket.bind(new InetSocketAddress(z ? inetAddress : null, i4), i);
                } else {
                    createServerSocket = createServerSocket(i4, i, z ? inetAddress : null, i2, z3);
                }
                return createServerSocket;
            } catch (SocketException e) {
                if (!z2 && !treatAsBindException(e)) {
                    throw e;
                }
                i4++;
            }
        }
    }

    public static boolean treatAsBindException(SocketException socketException) {
        if (socketException instanceof BindException) {
            return true;
        }
        String message = socketException.getMessage();
        return message != null && message.contains("Invalid argument: listen failed");
    }

    public Socket connectForClient(String str, int i, int i2) throws IOException {
        return connect(InetAddress.getByName(str), i, i2, null, true, -1);
    }

    public Socket connectForClient(String str, int i, int i2, int i3) throws IOException {
        return connect(InetAddress.getByName(str), i, i2, null, true, i3);
    }

    public Socket connectForServer(InetAddress inetAddress, int i) throws IOException {
        return connect(inetAddress, i, 0, null, false, -1);
    }

    public Socket connectForServer(InetAddress inetAddress, int i, int i2) throws IOException {
        return connect(inetAddress, i, 0, null, false, i2);
    }

    public Socket connect(InetAddress inetAddress, int i, int i2, ConnectionWatcher connectionWatcher, boolean z) throws IOException {
        return connect(inetAddress, i, i2, connectionWatcher, z, -1);
    }

    public Socket connect(InetAddress inetAddress, int i, int i2, ConnectionWatcher connectionWatcher, boolean z, int i3) throws IOException {
        return connect(inetAddress, i, i2, connectionWatcher, z, i3, this.sslConfig.isEnabled());
    }

    public Socket connect(InetAddress inetAddress, int i, int i2, ConnectionWatcher connectionWatcher, boolean z, int i3, boolean z2) throws IOException {
        Socket socket;
        InetSocketAddress inetSocketAddress = new InetSocketAddress(inetAddress, i);
        printConfig();
        try {
            if (z2) {
                if (this.sslContext == null) {
                    throw new GemFireConfigException("SSL not configured correctly, Please look at previous error");
                }
                Socket createSocket = this.sslContext.getSocketFactory().createSocket();
                createSocket.setKeepAlive(ENABLE_TCP_KEEP_ALIVE);
                if (i3 != -1) {
                    createSocket.setReceiveBufferSize(i3);
                }
                if (connectionWatcher != null) {
                    connectionWatcher.beforeConnect(createSocket);
                }
                createSocket.connect(inetSocketAddress, Math.max(i2, 0));
                configureClientSSLSocket(createSocket, i2);
                if (connectionWatcher != null) {
                    connectionWatcher.afterConnect(createSocket);
                }
                return createSocket;
            }
            if (!z || this.clientSocketFactory == null) {
                socket = new Socket();
                socket.setKeepAlive(ENABLE_TCP_KEEP_ALIVE);
                if (i3 != -1) {
                    socket.setReceiveBufferSize(i3);
                }
                if (connectionWatcher != null) {
                    connectionWatcher.beforeConnect(socket);
                }
                socket.connect(inetSocketAddress, Math.max(i2, 0));
            } else {
                socket = this.clientSocketFactory.createSocket(inetAddress, i);
            }
            Socket socket2 = socket;
            if (connectionWatcher != null) {
                connectionWatcher.afterConnect(socket);
            }
            return socket2;
        } catch (Throwable th) {
            if (connectionWatcher != null) {
                connectionWatcher.afterConnect(null);
            }
            throw th;
        }
    }

    public void configureServerSSLSocket(Socket socket) throws IOException {
        if (socket instanceof SSLSocket) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            try {
                sSLSocket.startHandshake();
                Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
                if (logger.isDebugEnabled()) {
                    logger.debug(LocalizedMessage.create(LocalizedStrings.SocketCreator_SSL_CONNECTION_FROM_PEER_0, ((X509Certificate) peerCertificates[0]).getSubjectDN()));
                }
            } catch (SSLPeerUnverifiedException e) {
                if (this.sslConfig.isRequireAuth()) {
                    logger.fatal(LocalizedMessage.create(LocalizedStrings.SocketCreator_SSL_ERROR_IN_AUTHENTICATING_PEER_0_1, new Object[]{socket.getInetAddress(), Integer.valueOf(socket.getPort())}), e);
                    throw e;
                }
            }
        }
    }

    private void finishServerSocket(SSLServerSocket sSLServerSocket) throws IOException {
        sSLServerSocket.setUseClientMode(false);
        if (this.sslConfig.isRequireAuth()) {
            sSLServerSocket.setNeedClientAuth(true);
        }
        sSLServerSocket.setEnableSessionCreation(true);
        String[] protocolsAsStringArray = this.sslConfig.getProtocolsAsStringArray();
        if (!"any".equalsIgnoreCase(protocolsAsStringArray[0])) {
            sSLServerSocket.setEnabledProtocols(protocolsAsStringArray);
        }
        String[] ciphersAsStringArray = this.sslConfig.getCiphersAsStringArray();
        if ("any".equalsIgnoreCase(ciphersAsStringArray[0])) {
            return;
        }
        sSLServerSocket.setEnabledCipherSuites(ciphersAsStringArray);
    }

    private void configureClientSSLSocket(Socket socket, int i) throws IOException {
        if (socket instanceof SSLSocket) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            sSLSocket.setUseClientMode(true);
            sSLSocket.setEnableSessionCreation(true);
            String[] protocolsAsStringArray = this.sslConfig.getProtocolsAsStringArray();
            if (protocolsAsStringArray != null && !"any".equalsIgnoreCase(protocolsAsStringArray[0])) {
                sSLSocket.setEnabledProtocols(protocolsAsStringArray);
            }
            String[] ciphersAsStringArray = this.sslConfig.getCiphersAsStringArray();
            if (ciphersAsStringArray != null && !"any".equalsIgnoreCase(ciphersAsStringArray[0])) {
                sSLSocket.setEnabledCipherSuites(ciphersAsStringArray);
            }
            if (i > 0) {
                try {
                    sSLSocket.setSoTimeout(i);
                } catch (SSLHandshakeException e) {
                    logger.fatal(LocalizedMessage.create(LocalizedStrings.SocketCreator_SSL_ERROR_IN_CONNECTING_TO_PEER_0_1, new Object[]{socket.getInetAddress(), Integer.valueOf(socket.getPort())}), e);
                    throw e;
                } catch (SSLPeerUnverifiedException e2) {
                    if (this.sslConfig.isRequireAuth()) {
                        logger.fatal(LocalizedMessage.create(LocalizedStrings.SocketCreator_SSL_ERROR_IN_AUTHENTICATING_PEER), e2);
                        throw e2;
                    }
                    return;
                }
            }
            sSLSocket.startHandshake();
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            if (logger.isDebugEnabled()) {
                logger.debug(LocalizedMessage.create(LocalizedStrings.SocketCreator_SSL_CONNECTION_FROM_PEER_0, ((X509Certificate) peerCertificates[0]).getSubjectDN()));
            }
        }
    }

    private void printConfig() {
        if (this.configShown || !logger.isDebugEnabled()) {
            return;
        }
        this.configShown = true;
        StringBuilder sb = new StringBuilder();
        sb.append("SSL Configuration: \n");
        sb.append("  ssl-enabled = ").append(this.sslConfig.isEnabled()).append("\n");
        for (String str : System.getProperties().stringPropertyNames()) {
            if (str.startsWith(DistributionConfig.SSL_SYSTEM_PROPS_NAME)) {
                sb.append("  ").append(str).append(" = ").append(ArgumentRedactor.redact(str, System.getProperty(str))).append("\n");
            }
        }
        logger.debug(sb.toString());
    }

    protected void initializeClientSocketFactory() {
        this.clientSocketFactory = null;
        String property = System.getProperty("gemfire.clientSocketFactory");
        if (property != null) {
            try {
                Object newInstance = ClassPathLoader.getLatest().forName(property).newInstance();
                if (!(newInstance instanceof ClientSocketFactory)) {
                    throw new IllegalArgumentException("Class \"" + property + "\" is not a ClientSocketFactory");
                }
                this.clientSocketFactory = (ClientSocketFactory) newInstance;
            } catch (Exception e) {
                throw new IllegalArgumentException("An unexpected exception occurred while instantiating a " + property + ": " + e);
            }
        }
    }

    public void initializeTransportFilterClientSocketFactory(GatewaySender gatewaySender) {
        this.clientSocketFactory = new TransportFilterSocketFactory().setGatewayTransportFilters(gatewaySender.getGatewayTransportFilters());
    }

    public static Set<InetAddress> getMyAddresses() {
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        try {
            Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
            while (networkInterfaces.hasMoreElements()) {
                NetworkInterface nextElement = networkInterfaces.nextElement();
                boolean z = false;
                try {
                    z = nextElement.isUp();
                } catch (SocketException e) {
                    if (InternalDistributedSystem.getAnyInstance() != null) {
                        logger.info("Failed to check if network interface is up. Skipping {}", nextElement, e);
                    }
                }
                if (z) {
                    Enumeration<InetAddress> inetAddresses = nextElement.getInetAddresses();
                    while (inetAddresses.hasMoreElements()) {
                        InetAddress nextElement2 = inetAddresses.nextElement();
                        if (nextElement2.isLoopbackAddress() || nextElement2.isAnyLocalAddress() || (!useLinkLocalAddresses && nextElement2.isLinkLocalAddress())) {
                            hashSet2.add(nextElement2);
                        } else {
                            hashSet.add(nextElement2);
                        }
                    }
                }
            }
            return hashSet.size() == 0 ? hashSet2 : hashSet;
        } catch (SocketException e2) {
            throw new IllegalArgumentException(LocalizedStrings.StartupMessage_UNABLE_TO_EXAMINE_NETWORK_INTERFACES.toLocalizedString(), e2);
        }
    }

    public static String reverseDNS(InetAddress inetAddress) {
        byte[] address = inetAddress.getAddress();
        String str = "";
        for (int length = address.length - 1; length >= 0; length--) {
            str = str + (address[length] & 255) + '.';
        }
        String str2 = str + "in-addr.arpa";
        try {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.dns.DnsContextFactory");
            InitialDirContext initialDirContext = new InitialDirContext(hashtable);
            NamingEnumeration all = initialDirContext.getAttributes(str2, new String[]{"PTR"}).getAll();
            while (all.hasMoreElements()) {
                Attribute attribute = (Attribute) all.next();
                NamingEnumeration all2 = attribute.getAll();
                while (all2.hasMoreElements()) {
                    Object nextElement = all2.nextElement();
                    if ("PTR".equals(attribute.getID()) && nextElement != null) {
                        return nextElement.toString();
                    }
                }
            }
            initialDirContext.close();
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    public static boolean isLocalHost(Object obj) {
        if (!(obj instanceof InetAddress)) {
            return isLocalHost(toInetAddress(obj.toString()));
        }
        if (InetAddressUtil.LOCALHOST.equals(obj) || ((InetAddress) obj).isLoopbackAddress()) {
            return true;
        }
        try {
            Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
            while (networkInterfaces.hasMoreElements()) {
                Enumeration<InetAddress> inetAddresses = networkInterfaces.nextElement().getInetAddresses();
                while (inetAddresses.hasMoreElements()) {
                    if (obj.equals(inetAddresses.nextElement())) {
                        return true;
                    }
                }
            }
            return false;
        } catch (SocketException e) {
            throw new IllegalArgumentException(LocalizedStrings.InetAddressUtil_UNABLE_TO_QUERY_NETWORK_INTERFACE.toLocalizedString(), e);
        }
    }

    public static InetAddress toInetAddress(String str) {
        if (str == null || str.length() == 0) {
            return null;
        }
        try {
            return str.indexOf("/") > -1 ? InetAddress.getByName(str.substring(str.indexOf("/") + 1)) : InetAddress.getByName(str);
        } catch (UnknownHostException e) {
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    static {
        useIPv6Addresses = !Boolean.getBoolean("java.net.preferIPv4Stack") && Boolean.getBoolean("java.net.preferIPv6Addresses");
        hostNames = new HashMap();
        FORCE_DNS_USE = Boolean.getBoolean("gemfire.forceDnsUse");
        resolve_dns = true;
        use_client_host_name = true;
        InetAddress inetAddress = null;
        try {
            inetAddress = InetAddress.getByAddress(InetAddress.getLocalHost().getAddress());
            if (inetAddress.isLoopbackAddress()) {
                InetAddress inetAddress2 = null;
                InetAddress inetAddress3 = null;
                Set<InetAddress> myAddresses = getMyAddresses();
                boolean z = useIPv6Addresses;
                String str = null;
                Iterator<InetAddress> it = myAddresses.iterator();
                while (str == null && it.hasNext()) {
                    InetAddress next = it.next();
                    if (next.isLoopbackAddress() || next.isAnyLocalAddress()) {
                        break;
                    }
                    boolean z2 = next instanceof Inet6Address;
                    boolean z3 = next instanceof Inet4Address;
                    if ((z && z2) || (!z && z3)) {
                        String reverseDNS = reverseDNS(next);
                        if (inetAddress.isLoopbackAddress()) {
                            inetAddress = next;
                            str = reverseDNS;
                        } else if (reverseDNS != null) {
                            inetAddress = next;
                            str = reverseDNS;
                        }
                    } else if (z && z3 && inetAddress2 == null) {
                        inetAddress2 = next;
                    } else if (!z && z2 && inetAddress3 == null) {
                        inetAddress3 = next;
                    }
                }
                if (inetAddress.isLoopbackAddress()) {
                    if (inetAddress2 != null) {
                        inetAddress = inetAddress2;
                        useIPv6Addresses = false;
                    } else if (inetAddress3 != null) {
                        inetAddress = inetAddress3;
                        useIPv6Addresses = true;
                    }
                }
            }
        } catch (UnknownHostException e) {
        }
        localHost = inetAddress;
        String property = System.getProperty("gemfire.setTcpKeepAlive");
        if (property != null) {
            ENABLE_TCP_KEEP_ALIVE = Boolean.valueOf(property).booleanValue();
        } else {
            ENABLE_TCP_KEEP_ALIVE = true;
        }
    }
}
