package com.cloudera.keytrustee;

import com.cloudera.keytrustee.Connector;
import com.cloudera.keytrustee.FailoverServerInfo;
import com.cloudera.keytrustee.impl.FailoverClientInfoImpl;
import com.cloudera.keytrustee.util.ConfigUpdate;
import com.cloudera.keytrustee.util.Environment;
import com.google.common.base.Preconditions;
import java.io.File;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.ListIterator;
import java.util.Map;
import javax.net.ssl.SSLContext;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.filefilter.CanReadFileFilter;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.crypto.key.kms.server.TrusteeACLs;
import org.apache.hadoop.fs.Path;
import org.apache.hadoop.security.ProviderUtils;

/* loaded from: input_file:com/cloudera/keytrustee/TrusteeKeyProviderConfiguration.class */
public class TrusteeKeyProviderConfiguration {
    public static final String KTS_CONFIG_DIR = "kts.config.dir";
    public static final String KTS_SITE_XML = "kts-site.xml";
    public static final String KTS_ACLS_XML = "kms-acls.xml";
    public static final String CONFIG_PREFIX = "cloudera.trustee.keyprovider.";
    public static final String ACL_CONFIG_PREFIX = "keytrustee.kms.";
    public static final String KEYTRUSTEE_CONF_DIR_ENV_VAR = "KEYTRUSTEE_CONF_DIR";
    public static final String KEYTRUSTEE_CONF_DIR_KEY = "hadoop.security.keystore.conf-dir";
    public static final String DEFAULT_KEYTRUSTEE_CONF_DIR_VALUE = "/var/lib/kms-keytrustee/keytrustee/.keytrustee";
    public static final String DEFAULT_PARCEL_LOCATION = "/opt/cloudera/parcels";
    public static final String DEFAULT_KEYTRUSTEE_55_PARCEL = "KEYTRUSTEE-5.5.0-1.cdh5.5.0.p0.215";
    public static final String DEFAULT_ZOOKEEPER_CONN_STRING_VALUE = "localhost:2181";
    public static final String DEFAULT_ZOOKEEPER_AUTH_TYPE = "none";
    public static final int DEFAULT_ZOOKEEPER_CONN_BLOCK_SEC = 10;
    public static final String KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR = "KEYTRUSTEE_HOSTNAME_ACTIVE";
    public static final String KEYTRUSTEE_SERVER_PASSIVE_HOST_ENV_VAR = "KEYTRUSTEE_HOSTNAME_PASSIVE";
    public static final String KEYTRUSTEE_SERVER_ORG_ENV_VAR = "KEYTRUSTEE_ORG";
    public static final String KEYTRUSTEE_SERVER_AUTH_ENV_VAR = "KEYTRUSTEE_AUTH";
    public static final String KEYTRUSTEE_SERVER_CERT_FILE_ENV_VAR = "KEYTRUSTEE_CERT";
    public static final String KEYTRUSTEE_SERVER_KEY_LENGTH_ENV_VAR = "KEYTRUSTEE_KEYLENGTH";
    public static final String KEYTRUSTEE_SERVER_INSECURE_ENV_VAR = "KEYTRUSTEE_INSECURE";
    public static final String KEYTRUSTEE_SERVER_PROTOCOL_ENV_VAR = "KEYTRUSTEE_PROTOCOL";
    public static final String KEYTRUSTEE_SERVER_TOKEN_SYNC_ENV_VAR = "KEYTRUSTEE_TOKENSYNC";
    public static final String KEYTRUSTEE_SERVER_ROUND_ROBIN_ENV_VAR = "KEYTRUSTEE_ROUND_ROBIN";
    public static final String KEYTRUSTEE_SERVER_HKP_PORT_ENV_VAR = "KEYTRUSTEE_HKP_PORT";
    public static final String KEYTRUSTEE_SERVER_KTS_PORT_ENV_VAR = "KEYTRUSTEE_KTS_PORT";
    public static final String KEYTRUSTEE_SERVER_HKP_SSL_ENV_VAR = "KEYTRUSTEE_HKP_SSL";
    public static final String KEYTRUSTEE_CLIENT_USE_POOL_ENV_VAR = "KEYTRUSTEE_USE_POOL";
    public static final String KEYTRUSTEE_CLIENT_STRONG_LOCKING_ENV_VAR = "KEYTRUSTEE_STRONG_LOCKING";
    public static final String KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY = "cloudera.trustee.keyprovider.hostname-ACTIVE";
    public static final String KEYTRUSTEE_SERVER_PASSIVE_HOST_KEY = "cloudera.trustee.keyprovider.hostname-PASSIVE";
    public static final String KEYTRUSTEE_SERVER_ORG_KEY = "cloudera.trustee.keyprovider.org";
    public static final String KEYTRUSTEE_SERVER_AUTH_KEY = "cloudera.trustee.keyprovider.auth";
    public static final String KEYTRUSTEE_SERVER_CERT_FILE_KEY = "cloudera.trustee.keyprovider.cert";
    public static final String KEYTRUSTEE_SERVER_KEY_LENGTH_KEY = "cloudera.trustee.keyprovider.keylength";
    public static final String KEYTRUSTEE_SERVER_INSECURE_KEY = "cloudera.trustee.keyprovider.insecure";
    public static final String KEYTRUSTEE_SERVER_PROTOCOL_KEY = "cloudera.trustee.keyprovider.protocol";
    public static final String KEYTRUSTEE_SERVER_TOKEN_SYNC_KEY = "cloudera.trustee.keyprovider.tokensync";
    public static final String KEYTRUSTEE_SERVER_ROUND_ROBIN_KEY = "cloudera.trustee.keyprovider.roundrobin";
    public static final String KEYTRUSTEE_SERVER_HKP_PORT_KEY = "cloudera.trustee.keyprovider.hkpport";
    public static final String KEYTRUSTEE_SERVER_KTS_PORT_KEY = "cloudera.trustee.keyprovider.ktsport";
    public static final String KEYTRUSTEE_SERVER_HKP_SSL_KEY = "cloudera.trustee.keyprovider.hkpssl";
    public static final String KEYTRUSTEE_CLIENT_USE_POOL_KEY = "cloudera.trustee.keyprovider.usepool";
    public static final String KEYTRUSTEE_CLIENT_STRONG_LOCKING_KEY = "cloudera.trustee.keyprovider.stronglocking";
    public static final String KEYTRUSTEE_CLIENT_POOL_MAX_SIZE_ENV_VAR = "KEYTRUSTEE_POOL_MAX";
    public static final String KEYTRUSTEE_CLIENT_POOL_MIN_IDLE_ENV_VAR = "KEYTRUSTEE_POOL_MIN_IDLE";
    public static final String KEYTRUSTEE_CLIENT_POOL_MAX_IDLE_ENV_VAR = "KEYTRUSTEE_POOL_MAX_IDLE";
    public static final String KEYTRUSTEE_CLIENT_POOL_ABANDONED_TIMEOUT_ENV_VAR = "KEYTRUSTEE_POOL_ABANDONED_TIMEOUT";
    public static final String KEYTRUSTEE_CLIENT_POOL_MAX_SIZE_KEY = "cloudera.trustee.keyprovider.pool.max";
    public static final String KEYTRUSTEE_CLIENT_POOL_MIN_IDLE_KEY = "cloudera.trustee.keyprovider.pool.min.idle";
    public static final String KEYTRUSTEE_CLIENT_POOL_MAX_IDLE_KEY = "cloudera.trustee.keyprovider.pool.max.idle";
    public static final String KEYTRUSTEE_CLIENT_POOL_ABANDONED_TIMEOUT_KEY = "cloudera.trustee.keyprovider.pool.abandoned.timeout";
    public static final String KEYTRUSTEE_CLIENT_READ_CONNECTION_TIMEOUT_ENV_VAR = "KEYTRUSTEE_HTTP_READ_TIMEOUT";
    public static final String KEYTRUSTEE_CLIENT_READ_CONNECTION_TIMEOUT_KEY = "cloudera.keytrustee.http.read.connectiontimeout";
    public static final String ZOOKEEPER_CONFIX_PREFIX = "hadoop.kms.authentication.signer.secret.provider.zookeeper.";
    public static final String ZOOKEEPER_CONN_STRING_KEY = "hadoop.kms.authentication.signer.secret.provider.zookeeper.connection.string";
    public static final String ZOOKEEPER_AUTH_TYPE_KEY = "hadoop.kms.authentication.signer.secret.provider.zookeeper.auth.type";
    public static final String ZOOKEEPER_KERBEROS_KEYTAB_KEY = "hadoop.kms.authentication.signer.secret.provider.zookeeper.kerberos.keytab";
    public static final String ZOOKEEPER_KERBEROS_PRINCIPAL_KEY = "hadoop.kms.authentication.signer.secret.provider.zookeeper.kerberos.principal";
    public static final String KMS_HOSTS_KEY = "hadoop.security.key.provider.path";
    public static final String ZOOKEEPER_CONN_BLOCK_SEC_KEY = "cloudera.trustee.keyprovider.zookeeper.connection.wait";
    public static final String KEYTRUSTEE_CLIENT_DISABLE_UPDATE_FINGERPRINT_FROM_SERVER_ENV_VAR = "KEYTRUSTEE_DISABLE_UPDATE_FINGERPRINT";
    public static final String KEYTRUSTEE_CLIENT_DISABLE_UPDATE_FINGERPRINT_FROM_SERVER_KEY = "cloudera.keytrustee.disable.update.fingerprint";
    private static final Log LOG = LogFactory.getLog(TrusteeKeyProviderConfiguration.class);
    private Environment env;
    private Configuration conf;
    private URI[] uris;
    private File keyTrusteeConfDir;
    private URL keyTrusteeURL;
    private final SSLContext sslContext;

    /* loaded from: input_file:com/cloudera/keytrustee/TrusteeKeyProviderConfiguration$Register.class */
    public final class Register {
        private Configuration conf;
        private Environment env;
        private String hostname;
        private String[] hostnames;
        private String certPath;
        private String protocol;

        /* renamed from: org, reason: collision with root package name */
        private String f0org;
        private String auth;
        private boolean insecure;
        private boolean tokenSync;
        private boolean roundRobin;
        private Integer hkpPort;
        private Integer ktsPort;
        private Boolean hkpSsl;
        private boolean failed = false;

        public Register(Configuration configuration, Environment environment) {
            this.conf = configuration;
            this.env = environment;
        }

        public String getHostname() {
            return this.hostname;
        }

        public String[] getHostnames() {
            return this.hostnames;
        }

        public String getCertPath() {
            return this.certPath;
        }

        public String getProtocol() {
            return this.protocol;
        }

        public String getOrg() {
            return this.f0org;
        }

        public String getAuth() {
            return this.auth;
        }

        public boolean isInsecure() {
            return this.insecure;
        }

        public boolean isTokenSync() {
            return this.tokenSync;
        }

        public boolean isRoundRobin() {
            return this.roundRobin;
        }

        public Integer getHkpPort() {
            return this.hkpPort;
        }

        public Integer getKtsPort() {
            return this.ktsPort;
        }

        public Boolean getHkpSsl() {
            return this.hkpSsl;
        }

        public Register invoke() {
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR)) {
                this.hostname = this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR);
            } else {
                this.hostname = this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY);
            }
            rationalizeHostnames(this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_PASSIVE_HOST_ENV_VAR) ? this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_PASSIVE_HOST_ENV_VAR) : this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_PASSIVE_HOST_KEY));
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_CERT_FILE_ENV_VAR)) {
                this.certPath = this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_CERT_FILE_ENV_VAR);
            } else {
                this.certPath = this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_CERT_FILE_KEY);
                if (null != this.certPath && this.certPath.equals(TrusteeACLs.ACL_DEFAULT)) {
                    this.certPath = null;
                }
            }
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_PROTOCOL_ENV_VAR)) {
                this.protocol = this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_PROTOCOL_ENV_VAR);
            } else {
                this.protocol = this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_PROTOCOL_KEY);
                if (null == this.protocol || this.protocol.equals(TrusteeACLs.ACL_DEFAULT)) {
                    this.protocol = "json-encrypt";
                }
            }
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ORG_ENV_VAR)) {
                this.f0org = this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ORG_ENV_VAR);
            } else {
                this.f0org = this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ORG_KEY);
            }
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_AUTH_ENV_VAR)) {
                this.auth = this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_AUTH_ENV_VAR);
            } else {
                this.auth = this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_AUTH_KEY);
            }
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_INSECURE_ENV_VAR)) {
                this.insecure = Boolean.parseBoolean(this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_INSECURE_ENV_VAR));
            } else {
                this.insecure = Boolean.parseBoolean(this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_INSECURE_KEY));
            }
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_TOKEN_SYNC_ENV_VAR)) {
                this.tokenSync = Boolean.parseBoolean(this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_TOKEN_SYNC_ENV_VAR));
            } else {
                this.tokenSync = Boolean.parseBoolean(this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_TOKEN_SYNC_KEY));
            }
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ROUND_ROBIN_ENV_VAR)) {
                this.roundRobin = Boolean.parseBoolean(this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ROUND_ROBIN_ENV_VAR));
            } else {
                this.roundRobin = Boolean.parseBoolean(this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ROUND_ROBIN_KEY));
            }
            try {
                if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_HKP_PORT_ENV_VAR)) {
                    this.hkpPort = Integer.valueOf(Integer.parseInt(this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_HKP_PORT_ENV_VAR)));
                } else {
                    this.hkpPort = Integer.valueOf(Integer.parseInt(this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_HKP_PORT_KEY)));
                }
            } catch (NumberFormatException e) {
                this.hkpPort = null;
                if (TrusteeKeyProviderConfiguration.LOG.isDebugEnabled()) {
                    TrusteeKeyProviderConfiguration.LOG.debug(e);
                }
                if (TrusteeKeyProviderConfiguration.LOG.isWarnEnabled()) {
                    TrusteeKeyProviderConfiguration.LOG.warn("Could not find and/or parse HKP port in configuration. Setting hkpPort to null. Expect auto-negotiation with server.");
                }
            }
            try {
                if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_KTS_PORT_ENV_VAR)) {
                    this.ktsPort = Integer.valueOf(Integer.parseInt(this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_KTS_PORT_ENV_VAR)));
                } else {
                    this.ktsPort = Integer.valueOf(Integer.parseInt(this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_KTS_PORT_KEY)));
                }
            } catch (NumberFormatException e2) {
                this.ktsPort = null;
                if (TrusteeKeyProviderConfiguration.LOG.isDebugEnabled()) {
                    TrusteeKeyProviderConfiguration.LOG.debug(e2);
                }
                if (TrusteeKeyProviderConfiguration.LOG.isWarnEnabled()) {
                    TrusteeKeyProviderConfiguration.LOG.warn("Could not find and/or parse KTS port in configuration. Setting ktsPort to null. Expect auto-negotiation with server.");
                }
            }
            if (this.env.containsKey(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_HKP_SSL_ENV_VAR)) {
                this.hkpSsl = Boolean.valueOf(Boolean.parseBoolean(this.env.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_HKP_SSL_ENV_VAR)));
            } else {
                this.hkpSsl = Boolean.valueOf(Boolean.parseBoolean(this.conf.get(TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_HKP_SSL_KEY)));
            }
            if (null == this.hkpSsl && TrusteeKeyProviderConfiguration.LOG.isWarnEnabled()) {
                TrusteeKeyProviderConfiguration.LOG.warn("Could not find HKP SSL setting in configuration. Setting hkpSsl to null. Expect auto-negotiation with server.");
            }
            return this;
        }

        private String getFromEnvironmentOrConfiguration(String str, String str2) {
            return this.env.containsKey(str) ? this.env.get(str) : this.conf.get(str2);
        }

        private void rationalizeHostnames(String str) {
            this.hostnames = TrusteeKeyProviderConfiguration.rationalizeHostnames(str, this.hostname);
        }

        public void invariant() throws IOException {
            String str;
            this.failed = false;
            str = "TrusteeKeyProvider registration aborted: \n";
            str = empty(this.hostname) ? fail(str, TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR, TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY) : "TrusteeKeyProvider registration aborted: \n";
            if (empty(this.certPath) && TrusteeKeyProviderConfiguration.LOG.isWarnEnabled()) {
                TrusteeKeyProviderConfiguration.LOG.warn("No KeyTrustee key provider certPath specified. Using JVM default trust store.");
            }
            if (empty(this.f0org)) {
                str = fail(str, TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ORG_ENV_VAR, TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_ORG_KEY);
            }
            if (empty(this.auth)) {
                str = fail(str, TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_AUTH_ENV_VAR, TrusteeKeyProviderConfiguration.KEYTRUSTEE_SERVER_AUTH_KEY);
            }
            if (this.failed) {
                throw new IOException(str);
            }
        }

        private boolean empty(String str) {
            return null == str || str.equals(TrusteeACLs.ACL_DEFAULT);
        }

        private String fail(String str, String str2, String str3) {
            this.failed = true;
            return str + "Set " + str2 + " environment variable OR " + str3 + " key in Hadoop KMS configuration file. \n";
        }
    }

    static Configuration getConfiguration(boolean z, String... strArr) {
        Configuration configuration = new Configuration(z);
        String property = System.getProperty(KTS_CONFIG_DIR);
        if (null == property) {
            property = System.getProperty("kms.config.dir");
        }
        if (property != null) {
            try {
                if (!property.startsWith("/")) {
                    throw new RuntimeException("System property 'kts.config.dir' must be an absolute path: " + property);
                }
                if (!property.endsWith("/")) {
                    property = property + "/";
                }
                for (String str : strArr) {
                    configuration.addResource(new URL("file://" + property + str));
                    System.err.println(property);
                }
            } catch (MalformedURLException e) {
                throw new RuntimeException(e);
            }
        } else {
            for (String str2 : strArr) {
                configuration.addResource(str2);
            }
        }
        return configuration;
    }

    public static Configuration getKTSConf() {
        return getConfiguration(true, KTS_SITE_XML);
    }

    public static Configuration getACLsConf() {
        return getConfiguration(false, KTS_ACLS_XML);
    }

    public TrusteeKeyProviderConfiguration(Environment environment, URI uri, Configuration configuration) throws IOException {
        if (null == environment) {
            this.env = new Environment();
        } else {
            this.env = environment;
        }
        Preconditions.checkNotNull(configuration, "Null configuration passed to constructor.");
        this.conf = new Configuration(configuration);
        this.conf.addResource(getKTSConf());
        setKeyTrusteeConfDirAndURL(uri);
        moveDefaultConfigurationDir();
        try {
            this.sslContext = initializeSSLContext();
        } catch (NoSuchAlgorithmException e) {
            throw new IOException("Could not initialize TLS context: " + e.getMessage());
        }
    }

    public SSLContext getSSLContext() {
        return this.sslContext;
    }

    public File getKeyTrusteeConfDir() {
        return this.keyTrusteeConfDir;
    }

    public URL getKeyTrusteeURL() {
        return this.keyTrusteeURL;
    }

    public URI[] getSpecifiedProviderURIs() {
        return this.uris;
    }

    public int getKeyLength() {
        return getKeyLength(this.conf, this.env);
    }

    public boolean isUseKeyTrusteeConnectionPool() {
        return isUseKeyTrusteeConnectionPool(this.conf, this.env);
    }

    public boolean isStrongLocking() {
        return isStrongLocking(this.conf, this.env);
    }

    public Register getRegisterCommand() {
        return new Register(this.conf, this.env);
    }

    public int getMaxIdle() {
        return getMaxIdle(this.conf, this.env);
    }

    public int getMinIdle() {
        return getMinIdle(this.conf, this.env);
    }

    public int getMaxTotal() {
        return getMaxTotal(this.conf, this.env);
    }

    public int getAbandonedTimeout() {
        return getAbandonedTimeout(this.conf, this.env);
    }

    public int getHttpReadConnectionTimeout() {
        return getHttpReadConnectionTimeout(this.conf, this.env);
    }

    public boolean isDisableUpdateFingerprintFromServer() {
        return isDisableUpdateFingerprintFromServer(this.conf, this.env);
    }

    public boolean updateClientConfiguration(ClientInfo clientInfo) throws KeyTrusteeException, IOException {
        return updateClientConfiguration(clientInfo, false);
    }

    public boolean updateClientConfiguration(ClientInfo clientInfo, boolean z) throws KeyTrusteeException, IOException {
        return updateClientConfiguration(this.conf, this.env, clientInfo, z);
    }

    public String getZkConnectionString() {
        return this.conf.get(ZOOKEEPER_CONN_STRING_KEY, DEFAULT_ZOOKEEPER_CONN_STRING_VALUE);
    }

    public String getZkAuthType() {
        return this.conf.get(ZOOKEEPER_AUTH_TYPE_KEY, DEFAULT_ZOOKEEPER_AUTH_TYPE);
    }

    public String getZkKerberosKeytab() {
        return this.conf.get(ZOOKEEPER_KERBEROS_KEYTAB_KEY, (String) null);
    }

    public String getZkKerberosPrincipal() {
        return this.conf.get(ZOOKEEPER_KERBEROS_PRINCIPAL_KEY, (String) null);
    }

    public int getZkConnWaitSec() {
        return this.conf.getInt(ZOOKEEPER_CONN_BLOCK_SEC_KEY, 10);
    }

    public String[] getKeyProviderHosts() {
        String str = this.conf.get(KMS_HOSTS_KEY, (String) null);
        if (str == null) {
            return null;
        }
        return str.substring(str.indexOf(64) + 1, str.lastIndexOf(58)).split(";");
    }

    public static boolean updateClientConfiguration(Configuration configuration, Environment environment, ClientInfo clientInfo, boolean z) throws KeyTrusteeException, IOException {
        String masterHostname = getMasterHostname(configuration, environment);
        String str = FailoverClientInfoImpl.DISABLE_UPDATE_FINGERPRINTS_FROM_SERVER_KEY;
        if (clientInfo.hasLocal(str)) {
            String str2 = (String) clientInfo.getLocal(str);
            String bool = Boolean.toString(isDisableUpdateFingerprintFromServer(configuration, environment));
            if (!bool.equalsIgnoreCase(str2)) {
                LOG.info("Disable update fingerprint from server value changed from [" + str2 + "] to [" + bool + "].");
                clientInfo.putLocal(str, bool);
            }
        }
        FailoverServerInfo serverInfo = clientInfo.getServerInfo(masterHostname);
        if (null == serverInfo) {
            serverInfo = (FailoverServerInfo) clientInfo.getServerInfo();
        }
        ArrayList<ConfigUpdate> arrayList = new ArrayList();
        arrayList.add(new ConfigUpdate(KEYTRUSTEE_SERVER_ROUND_ROBIN_KEY, Boolean.valueOf(serverInfo.isRoundRobinActive()), Boolean.valueOf(isRoundRobin(configuration, environment)), "Client round robin request scheduling"));
        arrayList.add(new ConfigUpdate(KEYTRUSTEE_SERVER_INSECURE_KEY, Boolean.valueOf(serverInfo.isSslInsecure()), Boolean.valueOf(isSslInsecure(configuration, environment)), "Client SSL insecurity"));
        arrayList.add(new ConfigUpdate(KEYTRUSTEE_SERVER_HKP_PORT_KEY, Integer.valueOf(serverInfo.getHkpPort()), getHkpPort(configuration, environment), "Client HKP port"));
        arrayList.add(new ConfigUpdate(KEYTRUSTEE_SERVER_KTS_PORT_KEY, Integer.valueOf(serverInfo.getKtsPort()), getKtsPort(configuration, environment), "Client KTS port"));
        arrayList.add(new ConfigUpdate(KEYTRUSTEE_SERVER_HKP_SSL_KEY, Boolean.valueOf(serverInfo.isSingleServerPort()), isHkpSsl(configuration, environment), "Client HKP SSL"));
        arrayList.add(new ConfigUpdate(KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY, serverInfo.getMasterHostname(), masterHostname, "Active Hostname"));
        arrayList.add(new ConfigUpdate(KEYTRUSTEE_SERVER_PASSIVE_HOST_KEY, serverInfo.getHostnames(), getHostnames(configuration, environment), "Passive Hostname(s)", true));
        boolean z2 = z;
        HashMap hashMap = new HashMap();
        for (ConfigUpdate configUpdate : arrayList) {
            if (configUpdate.updateRequired()) {
                if (LOG.isInfoEnabled()) {
                    LOG.info("Update detected for [" + configUpdate.getConfigKey() + "]");
                }
                z2 = true;
            }
            hashMap.put(configUpdate.getConfigKey(), configUpdate);
        }
        if (!z2) {
            if (!LOG.isDebugEnabled()) {
                return false;
            }
            LOG.debug("No configuration updates to process.");
            return false;
        }
        if (!validUpdates(hashMap)) {
            if (LOG.isErrorEnabled()) {
                LOG.error("Configuration update(s) failed due to previously logged warning(s) and/or error(s).");
            }
            if (!LOG.isWarnEnabled()) {
                return false;
            }
            LOG.warn("Trustee Key Provider runtime configuration may not reflect Cloudera Manager settings.");
            return false;
        }
        FailoverServerInfo build = new FailoverServerInfo.Builder().hostnames((List) ((ConfigUpdate) hashMap.get(KEYTRUSTEE_SERVER_PASSIVE_HOST_KEY)).getUpdate()).setRoundRobin(((Boolean) ((ConfigUpdate) hashMap.get(KEYTRUSTEE_SERVER_ROUND_ROBIN_KEY)).getUpdate()).booleanValue()).hostname((String) ((ConfigUpdate) hashMap.get(KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY)).getUpdate()).hkpPort(((Integer) ((ConfigUpdate) hashMap.get(KEYTRUSTEE_SERVER_HKP_PORT_KEY)).getUpdate()).intValue()).ktsPort(((Integer) ((ConfigUpdate) hashMap.get(KEYTRUSTEE_SERVER_KTS_PORT_KEY)).getUpdate()).intValue()).singleServerPort(((Boolean) ((ConfigUpdate) hashMap.get(KEYTRUSTEE_SERVER_HKP_SSL_KEY)).getUpdate()).booleanValue()).certificate(serverInfo.getCertificatePath()).sslInsecure(((Boolean) ((ConfigUpdate) hashMap.get(KEYTRUSTEE_SERVER_INSECURE_KEY)).getUpdate()).booleanValue()).protocol(serverInfo.getProtocol()).tokenSync(serverInfo.isTokenSync()).fingerprint(serverInfo.getFingerprint()).build();
        if (serverInfo.getHostname().equals(build.getHostname())) {
            clientInfo.removeServerInfo(serverInfo.getHostname());
        }
        clientInfo.putServerInfo(build);
        clientInfo.setDefaultServerInfo(build.getHostname());
        for (ConfigUpdate configUpdate2 : arrayList) {
            if (LOG.isInfoEnabled()) {
                LOG.info(configUpdate2.getMessage());
            }
        }
        return true;
    }

    private static boolean validUpdates(Map<String, ConfigUpdate<?>> map) throws IOException {
        boolean z = true;
        boolean z2 = false;
        for (String str : new String[]{KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY, KEYTRUSTEE_SERVER_PASSIVE_HOST_KEY, KEYTRUSTEE_SERVER_KTS_PORT_KEY, KEYTRUSTEE_SERVER_HKP_PORT_KEY, KEYTRUSTEE_SERVER_HKP_SSL_KEY, KEYTRUSTEE_SERVER_INSECURE_KEY}) {
            if (map.get(str).updateRequired()) {
                z2 = true;
            }
        }
        if (z2) {
            String str2 = ((Boolean) map.get(KEYTRUSTEE_SERVER_HKP_SSL_KEY).getUpdate()).booleanValue() ? "https" : "http";
            boolean booleanValue = ((Boolean) map.get(KEYTRUSTEE_SERVER_INSECURE_KEY).getUpdate()).booleanValue();
            String str3 = (String) map.get(KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY).getUpdate();
            List list = (List) map.get(KEYTRUSTEE_SERVER_PASSIVE_HOST_KEY).getUpdate();
            int intValue = ((Integer) map.get(KEYTRUSTEE_SERVER_KTS_PORT_KEY).getUpdate()).intValue();
            int intValue2 = ((Integer) map.get(KEYTRUSTEE_SERVER_HKP_PORT_KEY).getUpdate()).intValue();
            ListIterator listIterator = list.listIterator();
            URLConnector uRLConnector = new URLConnector(str2, str3, intValue2, booleanValue);
            Connector.Response response = null;
            try {
                response = new URLConnector("https", str3, intValue, booleanValue).execQuery("/", "a=fingerprint", (Map) null);
            } catch (IOException e) {
                if (LOG.isErrorEnabled()) {
                    LOG.error("Fingerprint lookup failed on a KTS server: " + e.getMessage());
                }
                throw e;
            } catch (Exception e2) {
                z = false;
                if (LOG.isErrorEnabled()) {
                    LOG.error("Fingerprint lookup failed on a KTS server: " + e2.getMessage());
                }
            }
            while (listIterator.hasNext()) {
                String str4 = (String) listIterator.next();
                if (!str3.equals(str4)) {
                    URLConnector uRLConnector2 = new URLConnector(str2, str4, intValue2, booleanValue);
                    Connector.Response response2 = null;
                    try {
                        response2 = new URLConnector("https", str4, intValue, booleanValue).execQuery("/", "a=fingerprint", (Map) null);
                    } catch (IOException e3) {
                        if (LOG.isErrorEnabled()) {
                            LOG.error("Fingerprint lookup failed on a KTS server: " + e3.getMessage());
                        }
                        throw e3;
                    } catch (Exception e4) {
                        z = false;
                        if (LOG.isErrorEnabled()) {
                            LOG.error("Fingerprint lookup failed on a KTS server: " + e4.getMessage());
                        }
                    }
                    String content = response != null ? response.getContent() : null;
                    String content2 = response2 != null ? response2.getContent() : null;
                    if (null == content || null == content2) {
                        LOG.warn("One or more KTS fingerprints [" + content + "] and [" + content2 + "] are null.");
                    } else {
                        if (!content.equalsIgnoreCase(content2)) {
                            z = false;
                            if (LOG.isWarnEnabled()) {
                                LOG.warn("Fingerprint on active host [" + str3 + " (" + content + ") ] does not equal fingerprint on passive host [" + str4 + " (" + content2 + ") ]");
                            }
                        }
                        String str5 = "op=get&options=mr&search=0x" + content.substring(content.indexOf("/"));
                        Connector.Response response3 = null;
                        Connector.Response response4 = null;
                        try {
                            response3 = uRLConnector.execQuery("/pks/lookup", str5, (Map) null);
                            response4 = uRLConnector2.execQuery("/pks/lookup", str5, (Map) null);
                        } catch (Exception e5) {
                            z = false;
                            if (LOG.isErrorEnabled()) {
                                LOG.error("Public key lookup failed on an HKP server: " + e5.getMessage());
                            }
                        }
                        String content3 = response3 != null ? response3.getContent() : null;
                        String content4 = response4 != null ? response4.getContent() : null;
                        if (null == content3 || null == content4) {
                            LOG.warn("One or more KTS public key blocks [" + content3 + "] and [" + content4 + "] are null.");
                        } else if (!content3.equalsIgnoreCase(content4)) {
                            z = false;
                            if (LOG.isWarnEnabled()) {
                                LOG.warn("Public key blocks on active and passive hosts do not match.");
                            }
                        }
                    }
                }
            }
        }
        return z;
    }

    private static URI[] splitUri(URI uri) throws URISyntaxException {
        String[] split = uri.toString().split(",");
        URI[] uriArr = new URI[split.length];
        for (int i = 0; i < split.length; i++) {
            uriArr[i] = new URI(split[i]);
        }
        return uriArr;
    }

    private void setKeyTrusteeConfDirAndURL(URI uri) throws MalformedURLException {
        if (this.env.containsKey(KEYTRUSTEE_CONF_DIR_ENV_VAR)) {
            this.keyTrusteeConfDir = new File(this.env.get(KEYTRUSTEE_CONF_DIR_ENV_VAR));
            return;
        }
        Preconditions.checkNotNull(uri, "Null uri passed to constructor and noKEYTRUSTEE_CONF_DIR environment variable set.");
        try {
            this.uris = splitUri(uri);
            Preconditions.checkState(this.uris.length > 0, "URI could not be processed: %s", uri);
            Path unnestUri = ProviderUtils.unnestUri(this.uris[0]);
            this.keyTrusteeConfDir = new File(unnestUri.toUri().toURL().getPath());
            this.keyTrusteeURL = unnestUri.toUri().toURL();
        } catch (URISyntaxException e) {
            throw new Error("URI could not be processed: " + uri);
        }
    }

    private void moveDefaultConfigurationDir() throws IOException {
        if (!this.keyTrusteeConfDir.getAbsolutePath().equals(DEFAULT_KEYTRUSTEE_CONF_DIR_VALUE)) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Skipping configuration move.");
                LOG.info("Current configuration directory: " + this.keyTrusteeConfDir.getAbsolutePath());
                return;
            }
            return;
        }
        if (!emptyOrNonExistentDirectory(this.keyTrusteeConfDir)) {
            if (LOG.isInfoEnabled()) {
                LOG.info("Current configuration directory (" + this.keyTrusteeConfDir.getAbsolutePath() + ") is not empty.");
                LOG.info("Content in current configuration directory will not be overwritten.");
                return;
            }
            return;
        }
        if (LOG.isInfoEnabled()) {
            LOG.info("KT configuration directory is empty and default.");
        }
        File file = new File(determineParcelPath(), DEFAULT_KEYTRUSTEE_55_PARCEL);
        if (!file.exists() || !file.isDirectory()) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Found no parcel at " + file.getAbsolutePath() + ".");
                return;
            }
            return;
        }
        if (LOG.isInfoEnabled()) {
            LOG.info("Found existing parcel at " + file.getAbsolutePath() + ".");
        }
        File file2 = new File(file, DEFAULT_KEYTRUSTEE_CONF_DIR_VALUE);
        if (!file2.exists() || !file2.isDirectory()) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Found no existing KT configuration directory at " + file2.getAbsolutePath() + ".");
                return;
            }
            return;
        }
        if (LOG.isInfoEnabled()) {
            LOG.info("Found existing KT configuration directory at " + file2.getAbsolutePath() + ".");
        }
        if (FileUtils.sizeOfDirectory(file2) <= 0) {
            if (LOG.isWarnEnabled()) {
                LOG.warn("Existing KT configuration directory is empty.");
            }
        } else if (LOG.isInfoEnabled()) {
            LOG.info("Existing KT configuration directory at " + file2.getAbsolutePath() + " contains content.");
            LOG.info("Attempting copy of content from previous KT configuration directory (" + file2.getAbsolutePath() + ") to current KT configuration directory at (" + this.keyTrusteeConfDir + ").");
            try {
                FileUtils.copyDirectory(file2, this.keyTrusteeConfDir, CanReadFileFilter.CAN_READ, true);
            } catch (IOException e) {
                if (LOG.isErrorEnabled()) {
                    LOG.error("Failure during copy of previous configuration directory contents to new configuration directory. Please contact Cloudera support for assistance before proceeding to avoid key loss.", e);
                }
                throw new IOException("Failure during copy of previous configuration directory contents to new configuration directory. Please contact Cloudera support for assistance before proceeding to avoid key loss.", e);
            }
        }
    }

    private final SSLContext initializeSSLContext() throws NoSuchAlgorithmException {
        return SSLContext.getInstance("TLSv1.2");
    }

    private String determineParcelPath() {
        String str = DEFAULT_PARCEL_LOCATION;
        String property = System.getProperty("cdh.parcel.root");
        if (LOG.isDebugEnabled()) {
            LOG.debug("CDH PARCEL ROOT: " + property);
        }
        if (null != property && !property.isEmpty()) {
            str = property;
        }
        return new File(str).getAbsolutePath();
    }

    private boolean emptyOrNonExistentDirectory(File file) {
        boolean z = false;
        long j = -1;
        try {
            j = FileUtils.sizeOfDirectory(file);
            if (j == 0) {
                z = true;
            }
        } catch (IllegalArgumentException e) {
            if (0 == 0) {
                z = true;
            }
        } catch (Throwable th) {
            if (j == 0) {
            }
            throw th;
        }
        return z;
    }

    public static int getKeyLength(Configuration configuration, Environment environment) {
        int len = ClientFactory.DEFAULT_KEY_LENGTH.getLen();
        if (environment.containsKey(KEYTRUSTEE_SERVER_KEY_LENGTH_ENV_VAR)) {
            len = Integer.parseInt(environment.get(KEYTRUSTEE_SERVER_KEY_LENGTH_ENV_VAR));
        } else if (null != configuration.get(KEYTRUSTEE_SERVER_KEY_LENGTH_KEY)) {
            len = Integer.parseInt(configuration.get(KEYTRUSTEE_SERVER_KEY_LENGTH_KEY));
        }
        return len;
    }

    public static boolean isUseKeyTrusteeConnectionPool(Configuration configuration, Environment environment) {
        boolean z = true;
        if (environment.containsKey(KEYTRUSTEE_CLIENT_USE_POOL_ENV_VAR)) {
            z = Boolean.parseBoolean(environment.get(KEYTRUSTEE_CLIENT_USE_POOL_ENV_VAR));
        } else if (null != configuration.get(KEYTRUSTEE_CLIENT_USE_POOL_KEY)) {
            z = Boolean.parseBoolean(configuration.get(KEYTRUSTEE_CLIENT_USE_POOL_KEY));
        }
        return z;
    }

    public static boolean isStrongLocking(Configuration configuration, Environment environment) {
        boolean z = false;
        if (environment.containsKey(KEYTRUSTEE_CLIENT_STRONG_LOCKING_ENV_VAR)) {
            z = Boolean.parseBoolean(environment.get(KEYTRUSTEE_CLIENT_STRONG_LOCKING_ENV_VAR));
        } else if (null != configuration.get(KEYTRUSTEE_CLIENT_STRONG_LOCKING_KEY)) {
            z = Boolean.parseBoolean(configuration.get(KEYTRUSTEE_CLIENT_STRONG_LOCKING_KEY));
        }
        return z;
    }

    public static boolean isSslInsecure(Configuration configuration, Environment environment) {
        return environment.containsKey(KEYTRUSTEE_SERVER_INSECURE_ENV_VAR) ? Boolean.parseBoolean(environment.get(KEYTRUSTEE_SERVER_INSECURE_ENV_VAR)) : Boolean.parseBoolean(configuration.get(KEYTRUSTEE_SERVER_INSECURE_KEY));
    }

    public static boolean isRoundRobin(Configuration configuration, Environment environment) {
        return environment.containsKey(KEYTRUSTEE_SERVER_ROUND_ROBIN_ENV_VAR) ? Boolean.parseBoolean(environment.get(KEYTRUSTEE_SERVER_ROUND_ROBIN_ENV_VAR)) : Boolean.parseBoolean(configuration.get(KEYTRUSTEE_SERVER_ROUND_ROBIN_KEY));
    }

    public static Integer getHkpPort(Configuration configuration, Environment environment) {
        Integer num;
        try {
            num = environment.containsKey(KEYTRUSTEE_SERVER_HKP_PORT_ENV_VAR) ? Integer.valueOf(Integer.parseInt(environment.get(KEYTRUSTEE_SERVER_HKP_PORT_ENV_VAR))) : Integer.valueOf(Integer.parseInt(configuration.get(KEYTRUSTEE_SERVER_HKP_PORT_KEY)));
        } catch (NumberFormatException e) {
            num = null;
        }
        return num;
    }

    public static Integer getKtsPort(Configuration configuration, Environment environment) {
        Integer num;
        try {
            num = environment.containsKey(KEYTRUSTEE_SERVER_KTS_PORT_ENV_VAR) ? Integer.valueOf(Integer.parseInt(environment.get(KEYTRUSTEE_SERVER_KTS_PORT_ENV_VAR))) : Integer.valueOf(Integer.parseInt(configuration.get(KEYTRUSTEE_SERVER_KTS_PORT_KEY)));
        } catch (NumberFormatException e) {
            num = null;
        }
        return num;
    }

    public static Boolean isHkpSsl(Configuration configuration, Environment environment) {
        Boolean valueOf;
        if (environment.containsKey(KEYTRUSTEE_SERVER_HKP_SSL_ENV_VAR)) {
            valueOf = Boolean.valueOf(Boolean.parseBoolean(environment.get(KEYTRUSTEE_SERVER_HKP_SSL_ENV_VAR)));
        } else {
            String str = configuration.get(KEYTRUSTEE_SERVER_HKP_SSL_KEY);
            valueOf = (null == str || str.equals(TrusteeACLs.ACL_DEFAULT)) ? null : Boolean.valueOf(Boolean.parseBoolean(str));
        }
        return valueOf;
    }

    public static String getMasterHostname(Configuration configuration, Environment environment) {
        return environment.containsKey(KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR) ? environment.get(KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR) : configuration.get(KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY);
    }

    public static List<String> getHostnames(Configuration configuration, Environment environment) {
        List<String> list = null;
        String str = environment.containsKey(KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR) ? environment.get(KEYTRUSTEE_SERVER_ACTIVE_HOST_ENV_VAR) : configuration.get(KEYTRUSTEE_SERVER_ACTIVE_HOST_KEY);
        if (null != str && !str.equals(TrusteeACLs.ACL_DEFAULT)) {
            list = Arrays.asList(rationalizeHostnames(environment.containsKey(KEYTRUSTEE_SERVER_PASSIVE_HOST_ENV_VAR) ? environment.get(KEYTRUSTEE_SERVER_PASSIVE_HOST_ENV_VAR) : configuration.get(KEYTRUSTEE_SERVER_PASSIVE_HOST_KEY), str));
        } else if (LOG.isWarnEnabled()) {
            LOG.warn("Master hostname is empty in configuration. Ignoring passive hostname(s) lacking validation criteria.");
        }
        return list;
    }

    static String[] rationalizeHostnames(String str, String str2) {
        String[] strArr;
        if (null == str || str.equals(TrusteeACLs.ACL_DEFAULT)) {
            strArr = new String[]{str2};
        } else {
            strArr = str.split(",");
            boolean z = false;
            int i = 0;
            for (int i2 = 0; i2 < strArr.length; i2++) {
                if (strArr[i2].equalsIgnoreCase(str2)) {
                    z = true;
                    i = i2;
                }
            }
            if (!z) {
                ArrayList arrayList = new ArrayList(Arrays.asList(strArr));
                arrayList.add(0, str2);
                strArr = (String[]) arrayList.toArray(new String[arrayList.size()]);
            } else if (i != 0) {
                ArrayList arrayList2 = new ArrayList(Arrays.asList(strArr));
                arrayList2.remove(str2);
                arrayList2.add(0, str2);
                strArr = (String[]) arrayList2.toArray(new String[arrayList2.size()]);
            }
        }
        return strArr;
    }

    public static int getMaxIdle(Configuration configuration, Environment environment) {
        return getIntValueFromConfigOrEnv(configuration, environment, KEYTRUSTEE_CLIENT_POOL_MAX_IDLE_KEY, KEYTRUSTEE_CLIENT_POOL_MAX_IDLE_ENV_VAR, 5);
    }

    public static int getMinIdle(Configuration configuration, Environment environment) {
        return getIntValueFromConfigOrEnv(configuration, environment, KEYTRUSTEE_CLIENT_POOL_MIN_IDLE_KEY, KEYTRUSTEE_CLIENT_POOL_MIN_IDLE_ENV_VAR, 2);
    }

    public static int getMaxTotal(Configuration configuration, Environment environment) {
        return getIntValueFromConfigOrEnv(configuration, environment, KEYTRUSTEE_CLIENT_POOL_MAX_SIZE_KEY, KEYTRUSTEE_CLIENT_POOL_MAX_SIZE_ENV_VAR, 10);
    }

    public static int getAbandonedTimeout(Configuration configuration, Environment environment) {
        return getIntValueFromConfigOrEnv(configuration, environment, KEYTRUSTEE_CLIENT_POOL_ABANDONED_TIMEOUT_KEY, KEYTRUSTEE_CLIENT_POOL_ABANDONED_TIMEOUT_ENV_VAR, PooledClientConnectionFactory.DEFAULT_ABANDONED_TIMEOUT);
    }

    public static int getHttpReadConnectionTimeout(Configuration configuration, Environment environment) {
        return getIntValueFromConfigOrEnv(configuration, environment, KEYTRUSTEE_CLIENT_READ_CONNECTION_TIMEOUT_KEY, KEYTRUSTEE_CLIENT_READ_CONNECTION_TIMEOUT_ENV_VAR, 120000);
    }

    public static boolean isDisableUpdateFingerprintFromServer(Configuration configuration, Environment environment) {
        return environment.containsKey(KEYTRUSTEE_CLIENT_DISABLE_UPDATE_FINGERPRINT_FROM_SERVER_ENV_VAR) ? Boolean.parseBoolean(environment.get(KEYTRUSTEE_CLIENT_DISABLE_UPDATE_FINGERPRINT_FROM_SERVER_ENV_VAR)) : Boolean.parseBoolean(configuration.get(KEYTRUSTEE_CLIENT_DISABLE_UPDATE_FINGERPRINT_FROM_SERVER_KEY));
    }

    private static int getIntValueFromConfigOrEnv(Configuration configuration, Environment environment, String str, String str2, int i) {
        int i2 = i;
        if (environment.containsKey(str2)) {
            i2 = Integer.parseInt(environment.get(str2));
        } else if (null != configuration.get(str)) {
            i2 = Integer.parseInt(configuration.get(str));
        }
        return i2;
    }
}
