package com.cloudera.cmf.inspector;

import com.cloudera.cmf.model.DbHost;
import com.cloudera.enterprise.I18nKey;
import com.cloudera.enterprise.MessageWithArgs;
import com.google.common.annotations.VisibleForTesting;
import java.io.File;
import java.lang.reflect.InvocationTargetException;
import java.util.Collection;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Vector;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sun.security.krb5.KrbException;

/* loaded from: input_file:com/cloudera/cmf/inspector/EtcKrbConfInspection.class */
public class EtcKrbConfInspection implements Inspection {
    private static final Logger LOG = LoggerFactory.getLogger(EtcKrbConfInspection.class);

    /* loaded from: input_file:com/cloudera/cmf/inspector/EtcKrbConfInspection$I18nKeys.class */
    public enum I18nKeys implements I18nKey {
        DEFAULT_REALM_NOT_CORRECT("message.inspector.etcKrbConf.defaultRealmNotCorrect", 3),
        TRUSTED_REALM_NOT_FOUND("message.inspector.etcKrbConf.trustedRealmNotFound", 1),
        TRUSTED_DOMAIN_REALM_NOT_FOUND("message.inspector.etcKrbConf.trustedDomainRealmNotFound", 1),
        TRUSTED_DOMAIN_MAPPING_NOT_FOUND("message.inspector.etcKrbConf.trustedDomainMappingNotFound", 2),
        TRUSTED_DOMAIN_MAPPING_EXISTS("message.inspector.etcKrbConf.trustedDomainMappingExists", 3),
        FILE_NOT_FOUND("message.inspector.etcKrbConf.fileNotFound", 1),
        FILE_READ_ERROR("message.inspector.etcKrbConf.fileReadError", 2);

        private String key;
        private int argc;

        I18nKeys(String str, int i) {
            this.key = str;
            this.argc = i;
        }

        public String getKey() {
            return this.key;
        }

        public int getNumArgs() {
            return this.argc;
        }
    }

    @Override // com.cloudera.cmf.inspector.Inspection
    public void run(InspectorInput inspectorInput, InspectorOutput inspectorOutput) {
        if (StringUtils.isEmpty(inspectorInput.kerberosRealm)) {
            return;
        }
        if (!new File("/etc/krb5.conf").exists()) {
            inspectorOutput.etcKrbConfMessages.add(MessageWithArgs.of(I18nKeys.FILE_NOT_FOUND, new String[]{inspectorInput.thisHost.hostname}));
            return;
        }
        try {
            runWithConfig(inspectorInput, inspectorOutput, KerberosUtil.getInstance());
        } catch (Exception e) {
            inspectorOutput.etcKrbConfMessages.add(MessageWithArgs.of(I18nKeys.FILE_READ_ERROR, new String[]{inspectorInput.thisHost.hostname, e.getMessage()}));
        }
    }

    @VisibleForTesting
    void runWithConfig(InspectorInput inspectorInput, InspectorOutput inspectorOutput, KerberosUtil kerberosUtil) throws KrbException, ClassNotFoundException, NoSuchMethodException, IllegalArgumentException, IllegalAccessException, InvocationTargetException {
        String defaultRealm = kerberosUtil.getDefaultRealm();
        if (!inspectorInput.kerberosRealm.equals(defaultRealm)) {
            inspectorOutput.etcKrbConfMessages.add(MessageWithArgs.of(I18nKeys.DEFAULT_REALM_NOT_CORRECT, new String[]{inspectorInput.thisHost.hostname, inspectorInput.kerberosRealm, defaultRealm}));
        }
        if (inspectorInput.trustedRealm != null) {
            String str = kerberosUtil.getDefault("kdc", inspectorInput.trustedRealm, KerberosUtil.REALMS);
            LOG.info("Kdc value for realm {} is {}", inspectorInput.trustedRealm, str);
            if (str == null) {
                inspectorOutput.etcKrbConfMessages.add(MessageWithArgs.of(I18nKeys.TRUSTED_REALM_NOT_FOUND, new String[]{inspectorInput.trustedRealm}));
            }
            if (!CollectionUtils.isEmpty(inspectorInput.trustedDomains)) {
                for (String str2 : inspectorInput.trustedDomains) {
                    String str3 = kerberosUtil.getDefault(str2, KerberosUtil.DOMAIN_REALM);
                    if (str3 == null) {
                        inspectorOutput.etcKrbConfMessages.add(MessageWithArgs.of(I18nKeys.TRUSTED_DOMAIN_MAPPING_NOT_FOUND, new String[]{str2, inspectorInput.trustedRealm}));
                    } else if (!str3.equals(inspectorInput.trustedRealm)) {
                        inspectorOutput.etcKrbConfMessages.add(MessageWithArgs.of(I18nKeys.TRUSTED_DOMAIN_MAPPING_EXISTS, new String[]{str2, str3, inspectorInput.trustedRealm}));
                    }
                }
                return;
            }
            Hashtable hashtable = (Hashtable) kerberosUtil.getStanzaTable(KerberosUtil.DOMAIN_REALM);
            LOG.info("Stanza table: {}", hashtable);
            HashSet hashSet = new HashSet();
            if (hashtable != null) {
                for (Object obj : hashtable.values()) {
                    if (obj instanceof String) {
                        hashSet.add((String) obj);
                    } else if (obj instanceof Vector) {
                        hashSet.addAll((Vector) obj);
                    }
                }
            }
            if (hashtable == null || !hashSet.contains(inspectorInput.trustedRealm)) {
                inspectorOutput.etcKrbConfMessages.add(MessageWithArgs.of(I18nKeys.TRUSTED_DOMAIN_REALM_NOT_FOUND, new String[]{inspectorInput.trustedRealm}));
            }
        }
    }

    @Override // com.cloudera.cmf.inspector.Inspection
    public void gather(Collection<DbHost> collection, Collection<InspectorOutput> collection2, InspectorMerge inspectorMerge) {
        Iterator<InspectorOutput> it = collection2.iterator();
        while (it.hasNext()) {
            inspectorMerge.etcKrbConfErrors.addAll(it.next().etcKrbConfMessages);
        }
    }
}
