// Jimple (Soot IR) listing of ZooKeeper's X.509 client-certificate authentication provider.
// NOTE(review): every local is rendered as `v` and every branch target as `label`, so
// operand identity and jump targets cannot be read off this listing. The comments below
// rely on call order and on the types in the invoked signatures, and hedge where that
// is not enough.
// NOTE(review): `javax.security.auth.x.X500Principal` is presumably
// `javax.security.auth.x500.X500Principal` with digits lost in extraction - confirm.
public class org.apache.zookeeper.server.auth.X509AuthenticationProvider extends java.lang.Object implements org.apache.zookeeper.server.auth.AuthenticationProvider
{
// Not assigned in <clinit>, so presumably a compile-time constant; the literal
// "zookeeper.X509AuthenticationProvider.superUser" used below is likely its value - confirm.
static final java.lang.String ZOOKEEPER_X509AUTHENTICATIONPROVIDER_SUPERUSER;
private static final org.slf4j.Logger LOG;
// Either manager may be null after the no-arg constructor (see below); the getters and
// handleAuthentication check for that.
private final javax.net.ssl.X509TrustManager trustManager;
private final javax.net.ssl.X509KeyManager keyManager;
// No-arg constructor: builds the key manager and trust manager from configuration.
// Reads keystore/truststore location, password (from a property or a password file) and
// type, plus the CRL, OCSP and hostname-verification switches, through a fresh ZKConfig
// and ClientX509Util.
// Security-relevant behaviour visible here:
//  - An empty store location only logs a warning and skips creation of that manager.
//  - KeyManagerException / TrustManagerException are logged at error level and not
//    rethrown, so construction succeeds with the corresponding field left null.
//  - The three switches go through Boolean.parseBoolean, which returns false for null;
//    if ZKConfig.getProperty returns null for an unset key (not shown here), CRL, OCSP and
//    hostname verification are all opt-in.
public void <init>() throws org.apache.zookeeper.common.X509Exception
{
javax.net.ssl.X509KeyManager v;
org.apache.zookeeper.common.ClientX509Util v;
boolean v, v, v, v, v;
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
org.apache.zookeeper.common.ZKConfig v;
java.lang.Throwable v;
org.apache.zookeeper.common.X509Exception$TrustManagerException v;
org.apache.zookeeper.common.X509Exception$KeyManagerException v;
java.lang.String v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v;
org.slf4j.Logger v, v, v, v;
javax.net.ssl.X509TrustManager v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
specialinvoke v.<java.lang.Object: void <init>()>();
v = new org.apache.zookeeper.common.ZKConfig;
specialinvoke v.<org.apache.zookeeper.common.ZKConfig: void <init>()>();
v = new org.apache.zookeeper.common.ClientX509Util;
specialinvoke v.<org.apache.zookeeper.common.ClientX509Util: void <init>()>();
label:
// Keystore settings: location defaults to "" when the property is absent.
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslKeystoreLocationProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.ZKConfig: java.lang.String getProperty(java.lang.String,java.lang.String)>(v, "");
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslKeystorePasswdProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslKeystorePasswdPathProperty()>();
// The keystore password is held as a java.lang.String from here on.
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getPasswordFromConfigPropertyOrFile(org.apache.zookeeper.common.ZKConfig,java.lang.String,java.lang.String)>(v, v, v);
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslKeystoreTypeProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.ZKConfig: java.lang.String getProperty(java.lang.String)>(v);
// Revocation and hostname-verification switches, parsed as booleans.
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslCrlEnabledProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.ZKConfig: java.lang.String getProperty(java.lang.String)>(v);
v = staticinvoke <java.lang.Boolean: boolean parseBoolean(java.lang.String)>(v);
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslOcspEnabledProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.ZKConfig: java.lang.String getProperty(java.lang.String)>(v);
v = staticinvoke <java.lang.Boolean: boolean parseBoolean(java.lang.String)>(v);
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslHostnameVerificationEnabledProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.ZKConfig: java.lang.String getProperty(java.lang.String)>(v);
v = staticinvoke <java.lang.Boolean: boolean parseBoolean(java.lang.String)>(v);
// Presumably the local key-manager and trust-manager slots, pre-set to null so a skipped
// or failed creation leaves the field null - confirm against source.
v = null;
v = null;
// Empty keystore location: warn and skip key-manager creation.
v = virtualinvoke v.<java.lang.String: boolean isEmpty()>();
if v == 0 goto label;
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void warn(java.lang.String)>("keystore not specified for client connection");
goto label;
label:
v = staticinvoke <org.apache.zookeeper.common.X509Util: javax.net.ssl.X509KeyManager createKeyManager(java.lang.String,java.lang.String,java.lang.String)>(v, v, v);
label:
goto label;
label:
// Handler for KeyManagerException: logged, not rethrown.
v := @caughtexception;
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void error(java.lang.String,java.lang.Throwable)>("Failed to create key manager", v);
label:
// Truststore settings, read the same way as the keystore settings above.
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslTruststoreLocationProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.ZKConfig: java.lang.String getProperty(java.lang.String,java.lang.String)>(v, "");
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslTruststorePasswdProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslTruststorePasswdPathProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getPasswordFromConfigPropertyOrFile(org.apache.zookeeper.common.ZKConfig,java.lang.String,java.lang.String)>(v, v, v);
v = virtualinvoke v.<org.apache.zookeeper.common.X509Util: java.lang.String getSslTruststoreTypeProperty()>();
v = virtualinvoke v.<org.apache.zookeeper.common.ZKConfig: java.lang.String getProperty(java.lang.String)>(v);
// Empty truststore location: warn and skip trust-manager creation. With no trust manager,
// handleAuthentication returns AUTHFAILED for every session.
v = virtualinvoke v.<java.lang.String: boolean isEmpty()>();
if v == 0 goto label;
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void warn(java.lang.String)>("Truststore not specified for client connection");
goto label;
label:
// Four boolean arguments; the last is the constant 0 (false).
// NOTE(review): presumably the first three are the CRL/OCSP/hostname switches parsed
// above; which option the hard-coded false disables must be checked in
// X509Util.createTrustManager.
v = staticinvoke <org.apache.zookeeper.common.X509Util: javax.net.ssl.X509TrustManager createTrustManager(java.lang.String,java.lang.String,java.lang.String,boolean,boolean,boolean,boolean)>(v, v, v, v, v, v, 0);
label:
goto label;
label:
// Handler for TrustManagerException: logged, not rethrown.
v := @caughtexception;
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void error(java.lang.String,java.lang.Throwable)>("Failed to create trust manager", v);
label:
v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509KeyManager keyManager> = v;
v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509TrustManager trustManager> = v;
label:
// Release the X509Util on the normal path.
virtualinvoke v.<org.apache.zookeeper.common.X509Util: void close()>();
goto label;
label:
// Throwable handler as listed only rethrows.
// NOTE(review): with the trap ranges anonymised it cannot be confirmed here whether
// close() is also reached on the exceptional path.
v := @caughtexception;
throw v;
label:
return;
catch org.apache.zookeeper.common.X509Exception$KeyManagerException from label to label with label;
catch org.apache.zookeeper.common.X509Exception$TrustManagerException from label to label with label;
catch java.lang.Throwable from label to label with label;
}
// Constructor taking pre-built managers; stores them as given, with no null check.
public void <init>(javax.net.ssl.X509TrustManager, javax.net.ssl.X509KeyManager)
{
javax.net.ssl.X509KeyManager v;
javax.net.ssl.X509TrustManager v;
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
v := @parameter: javax.net.ssl.X509TrustManager;
v := @parameter: javax.net.ssl.X509KeyManager;
specialinvoke v.<java.lang.Object: void <init>()>();
v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509TrustManager trustManager> = v;
v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509KeyManager keyManager> = v;
return;
}
// Returns the scheme name of this provider, the constant "x509".
public java.lang.String getScheme()
{
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
return "x509";
}
// Authenticates a connection from its TLS client certificate chain.
// Returns AUTHFAILED when the chain is null or empty, when no trust manager is available,
// or when checkClientTrusted throws CertificateException; otherwise attaches the client id
// to the connection and returns OK.
// No call in this method takes a byte[] argument, so the byte[] parameter appears unused:
// the identity comes from the certificate chain only.
public org.apache.zookeeper.KeeperException$Code handleAuthentication(org.apache.zookeeper.server.ServerCnxn, byte[])
{
java.security.cert.X509Certificate v;
byte[] v;
long v, v;
org.apache.zookeeper.KeeperException$Code v, v, v, v;
int v;
org.apache.zookeeper.server.ServerCnxn v;
java.lang.String v, v, v, v, v, v, v, v;
boolean v;
org.slf4j.Logger v, v, v, v;
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
java.security.PublicKey v;
java.security.cert.CertificateException v;
org.apache.zookeeper.data.Id v, v;
javax.net.ssl.X509TrustManager v, v;
java.security.cert.Certificate[] v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
v := @parameter: org.apache.zookeeper.server.ServerCnxn;
v := @parameter: byte[];
// A missing or zero-length chain is rejected before any trust decision.
v = virtualinvoke v.<org.apache.zookeeper.server.ServerCnxn: java.security.cert.Certificate[] getClientCertificateChain()>();
if v == null goto label;
v = lengthof v;
if v != 0 goto label;
label:
v = <org.apache.zookeeper.KeeperException$Code: org.apache.zookeeper.KeeperException$Code AUTHFAILED>;
return v;
label:
// Fail closed: a null trust manager (e.g. creation failed in the no-arg constructor)
// rejects the session and logs its id in hex.
v = v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509TrustManager trustManager>;
if v != null goto label;
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
v = virtualinvoke v.<org.apache.zookeeper.server.ServerCnxn: long getSessionId()>();
v = staticinvoke <java.lang.Long: java.lang.String toHexString(long)>(v);
interfaceinvoke v.<org.slf4j.Logger: void error(java.lang.String,java.lang.Object)>("No trust manager available to authenticate session 0x{}", v);
v = <org.apache.zookeeper.KeeperException$Code: org.apache.zookeeper.KeeperException$Code AUTHFAILED>;
return v;
label:
// Element 0 of the chain is used as the client certificate.
v = v[0];
label:
// Trust check: presumably the whole chain is passed together with the public-key
// algorithm of the client certificate as the auth type - operand identity is not
// recoverable from this listing.
v = v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509TrustManager trustManager>;
v = virtualinvoke v.<java.security.cert.X509Certificate: java.security.PublicKey getPublicKey()>();
v = interfaceinvoke v.<java.security.PublicKey: java.lang.String getAlgorithm()>();
interfaceinvoke v.<javax.net.ssl.X509TrustManager: void checkClientTrusted(java.security.cert.X509Certificate[],java.lang.String)>(v, v);
label:
goto label;
label:
// Handler for CertificateException: log the session id and reject.
v := @caughtexception;
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
v = virtualinvoke v.<org.apache.zookeeper.server.ServerCnxn: long getSessionId()>();
v = staticinvoke <java.lang.Long: java.lang.String toHexString(long)>(v);
interfaceinvoke v.<org.slf4j.Logger: void error(java.lang.String,java.lang.Object,java.lang.Object)>("Failed to trust certificate for session 0x{}", v, v);
v = <org.apache.zookeeper.KeeperException$Code: org.apache.zookeeper.KeeperException$Code AUTHFAILED>;
return v;
label:
// getClientId is protected and called virtually, so a subclass can change how the id is
// derived from the certificate.
v = virtualinvoke v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: java.lang.String getClientId(java.security.cert.X509Certificate)>(v);
// Super-user decision: an exact String.equals against the JVM system property.
// The configured value therefore has to match the client id character for character.
// NOTE(review): presumably the client id is the receiver, so an unset property compares
// false rather than throwing - confirm against source.
v = staticinvoke <java.lang.System: java.lang.String getProperty(java.lang.String)>("zookeeper.X509AuthenticationProvider.superUser");
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>(v);
if v == 0 goto label;
// On a match the connection additionally receives an Id with scheme "super".
v = new org.apache.zookeeper.data.Id;
specialinvoke v.<org.apache.zookeeper.data.Id: void <init>(java.lang.String,java.lang.String)>("super", v);
virtualinvoke v.<org.apache.zookeeper.server.ServerCnxn: void addAuthInfo(org.apache.zookeeper.data.Id)>(v);
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
interfaceinvoke v.<org.slf4j.Logger: void info(java.lang.String,java.lang.Object)>("Authenticated Id \'{}\' as super user", v);
label:
// Every trusted client receives an Id under this provider's scheme; the id and scheme
// are logged at info level.
v = new org.apache.zookeeper.data.Id;
v = virtualinvoke v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: java.lang.String getScheme()>();
specialinvoke v.<org.apache.zookeeper.data.Id: void <init>(java.lang.String,java.lang.String)>(v, v);
virtualinvoke v.<org.apache.zookeeper.server.ServerCnxn: void addAuthInfo(org.apache.zookeeper.data.Id)>(v);
v = <org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG>;
v = virtualinvoke v.<org.apache.zookeeper.data.Id: java.lang.String getId()>();
v = virtualinvoke v.<org.apache.zookeeper.data.Id: java.lang.String getScheme()>();
interfaceinvoke v.<org.slf4j.Logger: void info(java.lang.String,java.lang.Object,java.lang.Object)>("Authenticated Id \'{}\' for Scheme \'{}\'", v, v);
v = <org.apache.zookeeper.KeeperException$Code: org.apache.zookeeper.KeeperException$Code OK>;
return v;
catch java.security.cert.CertificateException from label to label with label;
}
// Derives the client id from a certificate: the name of its subject X500Principal.
// X500Principal.getName() returns the RFC 2253 string form of the distinguished name, so
// that is the form ACL expressions and the super-user property are compared against.
protected java.lang.String getClientId(java.security.cert.X509Certificate)
{
java.security.cert.X509Certificate v;
javax.security.auth.x.X500Principal v;
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
java.lang.String v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
v := @parameter: java.security.cert.X509Certificate;
v = virtualinvoke v.<java.security.cert.X509Certificate: javax.security.auth.x.X500Principal getSubjectX500Principal()>();
v = virtualinvoke v.<javax.security.auth.x.X500Principal: java.lang.String getName()>();
return v;
}
// Decides whether an authenticated id satisfies an ACL expression.
// When the super-user system property is set, the result is true if either of two
// String.equals checks succeeds; when it is unset, a single equals check decides.
// NOTE(review): presumably the checks are id vs. super-user value and id vs. ACL
// expression - operand identity is not recoverable here, confirm against source.
// All comparisons are exact string equality; no DN normalisation is visible.
public boolean matches(java.lang.String, java.lang.String)
{
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
java.lang.String v, v, v, v;
boolean v, v, v, v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
v := @parameter: java.lang.String;
v := @parameter: java.lang.String;
// The property is read twice: once for the null test and once for the comparison.
v = staticinvoke <java.lang.System: java.lang.String getProperty(java.lang.String)>("zookeeper.X509AuthenticationProvider.superUser");
if v == null goto label;
v = staticinvoke <java.lang.System: java.lang.String getProperty(java.lang.String)>("zookeeper.X509AuthenticationProvider.superUser");
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>(v);
if v != 0 goto label;
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>(v);
if v == 0 goto label;
label:
v = 1;
goto label;
label:
v = 0;
label:
return v;
label:
// Property unset: plain equality only.
v = virtualinvoke v.<java.lang.String: boolean equals(java.lang.Object)>(v);
return v;
}
// Always returns true (constant 1).
public boolean isAuthenticated()
{
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
return 1;
}
// Validates an id string by constructing an X500Principal from it: returns true when
// construction succeeds and false on IllegalArgumentException.
// Only IllegalArgumentException is trapped; X500Principal(String) throws
// NullPointerException for a null name, which would propagate to the caller.
public boolean isValid(java.lang.String)
{
javax.security.auth.x.X500Principal v;
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
java.lang.String v;
java.lang.IllegalArgumentException v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
v := @parameter: java.lang.String;
label:
v = new javax.security.auth.x.X500Principal;
specialinvoke v.<javax.security.auth.x.X500Principal: void <init>(java.lang.String)>(v);
label:
return 1;
label:
v := @caughtexception;
return 0;
catch java.lang.IllegalArgumentException from label to label with label;
}
// Returns the trust manager, or throws TrustManagerException("No trust manager available")
// when the field is null.
public javax.net.ssl.X509TrustManager getTrustManager() throws org.apache.zookeeper.common.X509Exception$TrustManagerException
{
org.apache.zookeeper.common.X509Exception$TrustManagerException v;
javax.net.ssl.X509TrustManager v, v;
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
v = v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509TrustManager trustManager>;
if v != null goto label;
v = new org.apache.zookeeper.common.X509Exception$TrustManagerException;
specialinvoke v.<org.apache.zookeeper.common.X509Exception$TrustManagerException: void <init>(java.lang.String)>("No trust manager available");
throw v;
label:
v = v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509TrustManager trustManager>;
return v;
}
// Returns the key manager, or throws KeyManagerException("No key manager available")
// when the field is null.
public javax.net.ssl.X509KeyManager getKeyManager() throws org.apache.zookeeper.common.X509Exception$KeyManagerException
{
javax.net.ssl.X509KeyManager v, v;
org.apache.zookeeper.common.X509Exception$KeyManagerException v;
org.apache.zookeeper.server.auth.X509AuthenticationProvider v;
v := @this: org.apache.zookeeper.server.auth.X509AuthenticationProvider;
v = v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509KeyManager keyManager>;
if v != null goto label;
v = new org.apache.zookeeper.common.X509Exception$KeyManagerException;
specialinvoke v.<org.apache.zookeeper.common.X509Exception$KeyManagerException: void <init>(java.lang.String)>("No key manager available");
throw v;
label:
v = v.<org.apache.zookeeper.server.auth.X509AuthenticationProvider: javax.net.ssl.X509KeyManager keyManager>;
return v;
}
// Static initialiser: obtains the SLF4J logger for this class and stores it in LOG.
static void <clinit>()
{
org.slf4j.Logger v;
v = staticinvoke <org.slf4j.LoggerFactory: org.slf4j.Logger getLogger(java.lang.Class)>(class "Lorg/apache/zookeeper/server/auth/X509AuthenticationProvider;");
<org.apache.zookeeper.server.auth.X509AuthenticationProvider: org.slf4j.Logger LOG> = v;
return;
}
}