public abstract class org.apache.zookeeper.common.X509Util extends java.lang.Object implements java.io.Closeable, java.lang.AutoCloseable { private static final org.slf4j.Logger LOG; private static final java.lang.String REJECT_CLIENT_RENEGOTIATION_PROPERTY; private static final java.lang.String FIPS_MODE_PROPERTY; public static final java.lang.String DEFAULT_PROTOCOL; private static final java.lang.String[] DEFAULT_CIPHERS_JAVA8; private static final java.lang.String[] DEFAULT_CIPHERS_JAVA9; public static final int DEFAULT_HANDSHAKE_DETECTION_TIMEOUT_MILLIS; private final java.lang.String sslProtocolProperty; private final java.lang.String sslEnabledProtocolsProperty; private final java.lang.String cipherSuitesProperty; private final java.lang.String sslKeystoreLocationProperty; private final java.lang.String sslKeystorePasswdProperty; private final java.lang.String sslKeystorePasswdPathProperty; private final java.lang.String sslKeystoreTypeProperty; private final java.lang.String sslTruststoreLocationProperty; private final java.lang.String sslTruststorePasswdProperty; private final java.lang.String sslTruststorePasswdPathProperty; private final java.lang.String sslTruststoreTypeProperty; private final java.lang.String sslContextSupplierClassProperty; private final java.lang.String sslHostnameVerificationEnabledProperty; private final java.lang.String sslCrlEnabledProperty; private final java.lang.String sslOcspEnabledProperty; private final java.lang.String sslClientAuthProperty; private final java.lang.String sslHandshakeDetectionTimeoutMillisProperty; private final java.util.concurrent.atomic.AtomicReference defaultSSLContextAndOptions; private org.apache.zookeeper.common.FileChangeWatcher keyStoreFileWatcher; private org.apache.zookeeper.common.FileChangeWatcher trustStoreFileWatcher; private static java.lang.String[] getGCMCiphers() { java.lang.String[] v; v = newarray (java.lang.String)[4]; v[0] = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"; v[1] = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"; v[2] = "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"; v[3] = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"; return v; } private static java.lang.String[] getCBCCiphers() { java.lang.String[] v; v = newarray (java.lang.String)[8]; v[0] = "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"; v[1] = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"; v[2] = "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"; v[3] = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"; v[4] = "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"; v[5] = "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"; v[6] = "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"; v[7] = "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"; return v; } private static java.lang.String[] concatArrays(java.lang.String[], java.lang.String[]) { java.lang.String[] v, v, v; int v, v, v, v, v, v; v := @parameter: java.lang.String[]; v := @parameter: java.lang.String[]; v = lengthof v; v = lengthof v; v = v + v; v = newarray (java.lang.String)[v]; v = lengthof v; staticinvoke (v, 0, v, 0, v); v = lengthof v; v = lengthof v; staticinvoke (v, 0, v, v, v); return v; } public void () { org.apache.zookeeper.common.X509Util v; java.util.concurrent.atomic.AtomicReference v; java.lang.String v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v; v := @this: org.apache.zookeeper.common.X509Util; specialinvoke v.()>(); v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001protocol"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001enabledProtocols"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001ciphersuites"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001keyStore.location"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001keyStore.password"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001keyStore.passwordPath"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001keyStore.type"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001trustStore.location"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001trustStore.password"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001trustStore.passwordPath"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001trustStore.type"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001context.supplier.class"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001hostnameVerification"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001crl"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001ocsp"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001clientAuth"); v. = v; v = virtualinvoke v.(); v = dynamicinvoke "makeConcatWithConstants" (v) ("\u0001handshakeDetectionTimeoutMillis"); v. = v; v = new java.util.concurrent.atomic.AtomicReference; specialinvoke v.(java.lang.Object)>(null); v. = v; v. = null; v. = null; return; } protected abstract java.lang.String getConfigPrefix(); protected abstract boolean shouldVerifyClientHostname(); public java.lang.String getSslProtocolProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslEnabledProtocolsProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getCipherSuitesProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslKeystoreLocationProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslCipherSuitesProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslKeystorePasswdProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslKeystorePasswdPathProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslKeystoreTypeProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslTruststoreLocationProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslTruststorePasswdProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslTruststorePasswdPathProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslTruststoreTypeProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslContextSupplierClassProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslHostnameVerificationEnabledProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslCrlEnabledProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslOcspEnabledProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslClientAuthProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getSslHandshakeDetectionTimeoutMillisProperty() { org.apache.zookeeper.common.X509Util v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; return v; } public java.lang.String getFipsModeProperty() { org.apache.zookeeper.common.X509Util v; v := @this: org.apache.zookeeper.common.X509Util; return "zookeeper.fips-mode"; } public boolean getFipsMode(org.apache.zookeeper.common.ZKConfig) { org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; boolean v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: org.apache.zookeeper.common.ZKConfig; v = virtualinvoke v.("zookeeper.fips-mode", 1); return v; } public boolean isServerHostnameVerificationEnabled(org.apache.zookeeper.common.ZKConfig) { org.apache.zookeeper.common.X509Util v; java.lang.String v; org.apache.zookeeper.common.ZKConfig v; boolean v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: org.apache.zookeeper.common.ZKConfig; v = virtualinvoke v.(); v = virtualinvoke v.(v, 1); return v; } public boolean isClientHostnameVerificationEnabled(org.apache.zookeeper.common.ZKConfig) { org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; boolean v, v, v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: org.apache.zookeeper.common.ZKConfig; v = virtualinvoke v.(v); if v == 0 goto label; v = virtualinvoke v.(); if v == 0 goto label; v = 1; goto label; label: v = 0; label: return v; } public javax.net.ssl.SSLContext getDefaultSSLContext() throws org.apache.zookeeper.common.X509Exception$SSLContextException { org.apache.zookeeper.common.SSLContextAndOptions v; org.apache.zookeeper.common.X509Util v; javax.net.ssl.SSLContext v; v := @this: org.apache.zookeeper.common.X509Util; v = virtualinvoke v.(); v = virtualinvoke v.(); return v; } public javax.net.ssl.SSLContext createSSLContext(org.apache.zookeeper.common.ZKConfig) throws org.apache.zookeeper.common.X509Exception$SSLContextException { org.apache.zookeeper.common.SSLContextAndOptions v; javax.net.ssl.SSLContext v; org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: org.apache.zookeeper.common.ZKConfig; v = virtualinvoke v.(v); v = virtualinvoke v.(); return v; } public org.apache.zookeeper.common.SSLContextAndOptions getDefaultSSLContextAndOptions() throws org.apache.zookeeper.common.X509Exception$SSLContextException { org.apache.zookeeper.common.X509Util v; java.lang.Object v; java.util.concurrent.atomic.AtomicReference v, v, v; boolean v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; v = virtualinvoke v.(); if v != null goto label; v = specialinvoke v.(); v = v.; v = virtualinvoke v.(null, v); if v != 0 goto label; v = v.; virtualinvoke v.(); label: return v; } private void resetDefaultSSLContextAndOptions() throws org.apache.zookeeper.common.X509Exception$SSLContextException { org.apache.zookeeper.common.SSLContextAndOptions v; org.apache.zookeeper.common.X509Util v; java.util.concurrent.atomic.AtomicReference v; boolean v; v := @this: org.apache.zookeeper.common.X509Util; v = specialinvoke v.(); v = v.; virtualinvoke v.(v); v = staticinvoke ("zookeeper.client.certReload"); if v == 0 goto label; staticinvoke ("zookeeper.authProvider.x509"); label: return; } private org.apache.zookeeper.common.SSLContextAndOptions createSSLContextAndOptions() throws org.apache.zookeeper.common.X509Exception$SSLContextException { org.apache.zookeeper.common.SSLContextAndOptions v; org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; v := @this: org.apache.zookeeper.common.X509Util; v = new org.apache.zookeeper.common.ZKConfig; specialinvoke v.()>(); v = virtualinvoke v.(v); return v; } public int getSslHandshakeTimeoutMillis() { org.slf4j.Logger v, v; org.apache.zookeeper.common.X509Util v; java.lang.Exception v; org.apache.zookeeper.common.SSLContextAndOptions v; org.apache.zookeeper.common.X509Exception$SSLContextException v; int v; java.lang.String v; v := @this: org.apache.zookeeper.common.X509Util; label: v = virtualinvoke v.(); v = virtualinvoke v.(); label: return v; label: v := @caughtexception; v = ; interfaceinvoke v.("Error creating SSL context and options", v); return 5000; label: v := @caughtexception; v = ; v = virtualinvoke v.(); interfaceinvoke v.("Error parsing config property {}", v, v); return 5000; catch org.apache.zookeeper.common.X509Exception$SSLContextException from label to label with label; catch java.lang.Exception from label to label with label; } public org.apache.zookeeper.common.SSLContextAndOptions createSSLContextAndOptions(org.apache.zookeeper.common.ZKConfig) throws org.apache.zookeeper.common.X509Exception$SSLContextException { java.lang.Object[] v; java.lang.reflect.Constructor v; org.apache.zookeeper.common.SSLContextAndOptions v, v; java.lang.String v, v, v, v, v; org.slf4j.Logger v; java.lang.Class[] v; org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; java.lang.Exception v; org.apache.zookeeper.common.X509Exception$SSLContextException v; java.lang.Class v; java.lang.Object v, v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: org.apache.zookeeper.common.ZKConfig; v = v.; v = virtualinvoke v.(v); if v == null goto label; v = ; v = v.; interfaceinvoke v.("Loading SSLContext supplier from property \'{}\'", v); label: v = staticinvoke (v); v = newarray (java.lang.Class)[0]; v = virtualinvoke v.(v); v = newarray (java.lang.Object)[0]; v = virtualinvoke v.(v); v = new org.apache.zookeeper.common.SSLContextAndOptions; v = interfaceinvoke v.(); specialinvoke v.(org.apache.zookeeper.common.X509Util,org.apache.zookeeper.common.ZKConfig,javax.net.ssl.SSLContext)>(v, v, v); label: return v; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$SSLContextException; v = v.; v = dynamicinvoke "makeConcatWithConstants" (v, v) ("Could not retrieve the SSLContext from supplier source \'\u0001\' provided in the property \'\u0001\'"); specialinvoke v.(java.lang.String,java.lang.Throwable)>(v, v); throw v; label: v = virtualinvoke v.(v); return v; catch java.lang.ClassNotFoundException from label to label with label; catch java.lang.ClassCastException from label to label with label; catch java.lang.NoSuchMethodException from label to label with label; catch java.lang.reflect.InvocationTargetException from label to label with label; catch java.lang.InstantiationException from label to label with label; catch java.lang.IllegalAccessException from label to label with label; } public org.apache.zookeeper.common.SSLContextAndOptions createSSLContextAndOptionsFromConfig(org.apache.zookeeper.common.ZKConfig) throws org.apache.zookeeper.common.X509Exception$SSLContextException { javax.net.ssl.X509KeyManager v; javax.net.ssl.SSLContext v; java.security.GeneralSecurityException v; boolean v, v, v, v, v, v, v; org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; org.apache.zookeeper.common.X509Exception$SSLContextException v, v, v, v, v; org.apache.zookeeper.common.X509Exception$TrustManagerException v; org.apache.zookeeper.common.SSLContextAndOptions v; org.apache.zookeeper.common.X509Exception$KeyManagerException v; java.lang.String v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v, v; org.slf4j.Logger v, v; java.lang.IllegalArgumentException v, v; javax.net.ssl.TrustManager[] v, v; javax.net.ssl.X509TrustManager v; javax.net.ssl.KeyManager[] v, v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: org.apache.zookeeper.common.ZKConfig; v = null; v = null; v = v.; v = virtualinvoke v.(v, ""); v = v.; v = v.; v = virtualinvoke v.(v, v, v); v = v.; v = virtualinvoke v.(v); v = virtualinvoke v.(); if v == 0 goto label; v = ; v = virtualinvoke v.(); interfaceinvoke v.("{} not specified", v); goto label; label: v = newarray (javax.net.ssl.KeyManager)[1]; v = staticinvoke (v, v, v); v[0] = v; v = v; label: goto label; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$SSLContextException; specialinvoke v.(java.lang.String,java.lang.Throwable)>("Failed to create KeyManager", v); throw v; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$SSLContextException; v = v.; v = dynamicinvoke "makeConcatWithConstants" (v, v) ("Bad value for \u0001: \u0001"); specialinvoke v.(java.lang.String,java.lang.Throwable)>(v, v); throw v; label: v = v.; v = virtualinvoke v.(v, ""); v = v.; v = v.; v = virtualinvoke v.(v, v, v); v = v.; v = virtualinvoke v.(v); v = v.; v = virtualinvoke v.(v); v = v.; v = virtualinvoke v.(v); v = virtualinvoke v.(v); v = virtualinvoke v.(v); v = virtualinvoke v.(v); v = virtualinvoke v.(); if v == 0 goto label; v = ; v = virtualinvoke v.(); interfaceinvoke v.("{} not specified", v); goto label; label: v = newarray (javax.net.ssl.TrustManager)[1]; v = staticinvoke (v, v, v, v, v, v, v, v); v[0] = v; v = v; label: goto label; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$SSLContextException; specialinvoke v.(java.lang.String,java.lang.Throwable)>("Failed to create TrustManager", v); throw v; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$SSLContextException; v = v.; v = dynamicinvoke "makeConcatWithConstants" (v, v) ("Bad value for \u0001: \u0001"); specialinvoke v.(java.lang.String,java.lang.Throwable)>(v, v); throw v; label: v = v.; v = virtualinvoke v.(v, "TLSv.2"); label: v = staticinvoke (v); virtualinvoke v.(v, v, null); v = new org.apache.zookeeper.common.SSLContextAndOptions; specialinvoke v.(org.apache.zookeeper.common.X509Util,org.apache.zookeeper.common.ZKConfig,javax.net.ssl.SSLContext)>(v, v, v); label: return v; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$SSLContextException; specialinvoke v.(java.lang.Throwable)>(v); throw v; catch org.apache.zookeeper.common.X509Exception$KeyManagerException from label to label with label; catch java.lang.IllegalArgumentException from label to label with label; catch org.apache.zookeeper.common.X509Exception$TrustManagerException from label to label with label; catch java.lang.IllegalArgumentException from label to label with label; catch java.security.NoSuchAlgorithmException from label to label with label; catch java.security.KeyManagementException from label to label with label; } public static java.security.KeyStore loadKeyStore(java.lang.String, java.lang.String, java.lang.String) throws java.io.IOException, java.security.GeneralSecurityException { java.security.KeyStore v; java.lang.String v, v, v; org.apache.zookeeper.common.FileKeyStoreLoader$Builder v, v, v; org.apache.zookeeper.common.FileKeyStoreLoader v; org.apache.zookeeper.common.KeyStoreFileType v; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v = staticinvoke (v, v); v = staticinvoke (v); v = virtualinvoke v.(v); v = virtualinvoke v.(v); v = virtualinvoke v.(); v = virtualinvoke v.(); return v; } public static java.security.KeyStore loadTrustStore(java.lang.String, java.lang.String, java.lang.String) throws java.io.IOException, java.security.GeneralSecurityException { java.security.KeyStore v; java.lang.String v, v, v; org.apache.zookeeper.common.FileKeyStoreLoader$Builder v, v, v; org.apache.zookeeper.common.FileKeyStoreLoader v; org.apache.zookeeper.common.KeyStoreFileType v; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v = staticinvoke (v, v); v = staticinvoke (v); v = virtualinvoke v.(v); v = virtualinvoke v.(v); v = virtualinvoke v.(); v = virtualinvoke v.(); return v; } public java.lang.String getPasswordFromConfigPropertyOrFile(org.apache.zookeeper.common.ZKConfig, java.lang.String, java.lang.String) { org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; char[] v; java.lang.String v, v, v, v; boolean v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: org.apache.zookeeper.common.ZKConfig; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v = virtualinvoke v.(v, ""); v = virtualinvoke v.(v, ""); v = virtualinvoke v.(); if v != 0 goto label; v = staticinvoke (v); v = staticinvoke (v); label: return v; } public static javax.net.ssl.X509KeyManager createKeyManager(java.lang.String, java.lang.String, java.lang.String) throws org.apache.zookeeper.common.X509Exception$KeyManagerException { javax.net.ssl.KeyManagerFactory v; java.security.KeyStore v; java.lang.Exception v; javax.net.ssl.KeyManager v; org.apache.zookeeper.common.X509Exception$KeyManagerException v, v; int v, v; char[] v; java.lang.String v, v, v; boolean v; javax.net.ssl.KeyManager[] v; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v := @parameter: java.lang.String; if v != null goto label; v = ""; label: v = staticinvoke (v, v, v); v = staticinvoke ("PKIX"); v = virtualinvoke v.(); virtualinvoke v.(v, v); v = virtualinvoke v.(); v = lengthof v; v = 0; label: if v >= v goto label; v = v[v]; v = v instanceof javax.net.ssl.X509KeyManager; if v == 0 goto label; label: return v; label: v = v + 1; goto label; label: v = new org.apache.zookeeper.common.X509Exception$KeyManagerException; specialinvoke v.(java.lang.String)>("Couldn\'t find X509KeyManager"); throw v; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$KeyManagerException; specialinvoke v.(java.lang.Throwable)>(v); throw v; catch java.io.IOException from label to label with label; catch java.security.GeneralSecurityException from label to label with label; catch java.lang.IllegalArgumentException from label to label with label; } public static javax.net.ssl.X509TrustManager createTrustManager(java.lang.String, java.lang.String, java.lang.String, boolean, boolean, boolean, boolean, boolean) throws org.apache.zookeeper.common.X509Exception$TrustManagerException { org.apache.zookeeper.common.X509Exception$TrustManagerException v, v; javax.net.ssl.CertPathTrustManagerParameters v; javax.net.ssl.TrustManager v; int v, v; java.lang.String v, v, v; boolean v, v, v, v, v, v, v, v; org.slf4j.Logger v, v, v, v; javax.net.ssl.TrustManagerFactory v; java.security.cert.X509CertSelector v; org.apache.zookeeper.common.ZKTrustManager v; java.security.KeyStore v; java.lang.Exception v; java.security.cert.PKIXBuilderParameters v; javax.net.ssl.TrustManager[] v; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v := @parameter: java.lang.String; v := @parameter: boolean; v := @parameter: boolean; v := @parameter: boolean; v := @parameter: boolean; v := @parameter: boolean; if v != null goto label; v = ""; label: v = staticinvoke (v, v, v); v = new java.security.cert.PKIXBuilderParameters; v = new java.security.cert.X509CertSelector; specialinvoke v.()>(); specialinvoke v.(java.security.KeyStore,java.security.cert.CertSelector)>(v, v); if v != 0 goto label; if v == 0 goto label; label: virtualinvoke v.(1); staticinvoke ("com.sun.net.ssl.checkRevocation", "true"); staticinvoke ("com.sun.security.enableCRLDP", "true"); if v == 0 goto label; staticinvoke ("ocsp.enable", "true"); goto label; label: virtualinvoke v.(0); label: v = staticinvoke ("PKIX"); v = new javax.net.ssl.CertPathTrustManagerParameters; specialinvoke v.(java.security.cert.CertPathParameters)>(v); virtualinvoke v.(v); v = virtualinvoke v.(); v = lengthof v; v = 0; label: if v >= v goto label; v = v[v]; v = v instanceof javax.net.ssl.X509ExtendedTrustManager; if v == 0 goto label; if v == 0 goto label; v = ; v = interfaceinvoke v.(); if v == 0 goto label; v = ; interfaceinvoke v.("FIPS mode is ON: selecting standard x trust manager {}", v); label: return v; label: v = ; v = interfaceinvoke v.(); if v == 0 goto label; v = ; interfaceinvoke v.("FIPS mode is OFF: creating ZKTrustManager"); label: v = new org.apache.zookeeper.common.ZKTrustManager; specialinvoke v.(javax.net.ssl.X509ExtendedTrustManager,boolean,boolean)>(v, v, v); label: return v; label: v = v + 1; goto label; label: v = new org.apache.zookeeper.common.X509Exception$TrustManagerException; specialinvoke v.(java.lang.String)>("Couldn\'t find X509TrustManager"); throw v; label: v := @caughtexception; v = new org.apache.zookeeper.common.X509Exception$TrustManagerException; specialinvoke v.(java.lang.Throwable)>(v); throw v; catch java.io.IOException from label to label with label; catch java.security.GeneralSecurityException from label to label with label; catch java.lang.IllegalArgumentException from label to label with label; catch java.io.IOException from label to label with label; catch java.security.GeneralSecurityException from label to label with label; catch java.lang.IllegalArgumentException from label to label with label; } public javax.net.ssl.SSLSocket createSSLSocket() throws org.apache.zookeeper.common.X509Exception, java.io.IOException { javax.net.ssl.SSLSocket v; org.apache.zookeeper.common.SSLContextAndOptions v; org.apache.zookeeper.common.X509Util v; v := @this: org.apache.zookeeper.common.X509Util; v = virtualinvoke v.(); v = virtualinvoke v.(); return v; } public javax.net.ssl.SSLSocket createSSLSocket(java.net.Socket, byte[]) throws org.apache.zookeeper.common.X509Exception, java.io.IOException { byte[] v; org.apache.zookeeper.common.SSLContextAndOptions v; java.net.Socket v; javax.net.ssl.SSLSocket v; org.apache.zookeeper.common.X509Util v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: java.net.Socket; v := @parameter: byte[]; v = virtualinvoke v.(); v = virtualinvoke v.(v, v); return v; } public javax.net.ssl.SSLServerSocket createSSLServerSocket() throws org.apache.zookeeper.common.X509Exception, java.io.IOException { org.apache.zookeeper.common.SSLContextAndOptions v; org.apache.zookeeper.common.X509Util v; javax.net.ssl.SSLServerSocket v; v := @this: org.apache.zookeeper.common.X509Util; v = virtualinvoke v.(); v = virtualinvoke v.(); return v; } public javax.net.ssl.SSLServerSocket createSSLServerSocket(int) throws org.apache.zookeeper.common.X509Exception, java.io.IOException { org.apache.zookeeper.common.SSLContextAndOptions v; javax.net.ssl.SSLServerSocket v; int v; org.apache.zookeeper.common.X509Util v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: int; v = virtualinvoke v.(); v = virtualinvoke v.(v); return v; } static java.lang.String[] getDefaultCipherSuites() { java.lang.String[] v; java.lang.String v; v = staticinvoke ("java.specification.version"); v = staticinvoke (v); return v; } static java.lang.String[] getDefaultCipherSuitesForJavaVersion(java.lang.String) { org.slf4j.Logger v, v, v; java.lang.String[] v, v, v; java.lang.String v; boolean v, v; v := @parameter: java.lang.String; virtualinvoke v.(); v = virtualinvoke v.("\\d+"); if v == 0 goto label; v = ; interfaceinvoke v.("Using Java+ optimized cipher suites for Java version {}", v); v = ; return v; label: v = virtualinvoke v.("1."); if v == 0 goto label; v = ; interfaceinvoke v.("Using Java optimized cipher suites for Java version {}", v); v = ; return v; label: v = ; interfaceinvoke v.("Could not parse java version {}, using Java optimized cipher suites", v); v = ; return v; } private org.apache.zookeeper.common.FileChangeWatcher newFileChangeWatcher(java.lang.String) throws java.io.IOException { org.apache.zookeeper.common.X509Util v; java.io.IOException v; java.lang.String[] v; java.util.function.Consumer v; org.apache.zookeeper.common.FileChangeWatcher v; java.lang.String v, v; java.nio.file.Path v, v, v; boolean v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: java.lang.String; if v == null goto label; v = virtualinvoke v.(); if v == 0 goto label; label: return null; label: v = newarray (java.lang.String)[0]; v = staticinvoke (v, v); v = interfaceinvoke v.(); v = interfaceinvoke v.(); if v != null goto label; v = new java.io.IOException; v = dynamicinvoke "makeConcatWithConstants" (v) ("Key/trust store path does not have a parent: \u0001"); specialinvoke v.(java.lang.String)>(v); throw v; label: v = new org.apache.zookeeper.common.FileChangeWatcher; v = staticinvoke (v, v); specialinvoke v.(java.nio.file.Path,java.util.function.Consumer)>(v, v); return v; } public void enableCertFileReloading() throws java.io.IOException { org.slf4j.Logger v; org.apache.zookeeper.common.X509Util v; org.apache.zookeeper.common.ZKConfig v; org.apache.zookeeper.common.FileChangeWatcher v, v, v, v, v, v, v, v; java.lang.String v, v, v, v; v := @this: org.apache.zookeeper.common.X509Util; v = ; interfaceinvoke v.("enabling cert file reloading"); v = new org.apache.zookeeper.common.ZKConfig; specialinvoke v.()>(); v = v.; v = virtualinvoke v.(v); v = specialinvoke v.(v); if v == null goto label; v = v.; if v == null goto label; v = v.; virtualinvoke v.(); label: v. = v; v = v.; virtualinvoke v.(); label: v = v.; v = virtualinvoke v.(v); v = specialinvoke v.(v); if v == null goto label; v = v.; if v == null goto label; v = v.; virtualinvoke v.(); label: v. = v; v = v.; virtualinvoke v.(); label: return; } public void close() { org.apache.zookeeper.common.FileChangeWatcher v, v, v, v; org.apache.zookeeper.common.X509Util v; java.util.concurrent.atomic.AtomicReference v; v := @this: org.apache.zookeeper.common.X509Util; v = v.; virtualinvoke v.(null); v = v.; if v == null goto label; v = v.; virtualinvoke v.(); v. = null; label: v = v.; if v == null goto label; v = v.; virtualinvoke v.(); v. = null; label: return; } private void handleWatchEvent(java.nio.file.Path, java.nio.file.WatchEvent) { java.nio.file.WatchEvent$Kind v, v, v, v, v, v, v, v; java.nio.file.Path v, v, v; boolean v, v, v, v, v; org.slf4j.Logger v, v; java.nio.file.WatchEvent v; org.apache.zookeeper.common.X509Util v; java.lang.RuntimeException v; org.apache.zookeeper.common.X509Exception$SSLContextException v; java.lang.Object v, v, v; v := @this: org.apache.zookeeper.common.X509Util; v := @parameter: java.nio.file.Path; v := @parameter: java.nio.file.WatchEvent; v = 0; v = interfaceinvoke v.(); v = interfaceinvoke v.(); v = ; v = virtualinvoke v.(v); if v == 0 goto label; v = 1; goto label; label: v = interfaceinvoke v.(); v = ; v = virtualinvoke v.(v); if v != 0 goto label; v = interfaceinvoke v.(); v = ; v = virtualinvoke v.(v); if v == 0 goto label; label: v = interfaceinvoke v.(); v = interfaceinvoke v.(v); v = interfaceinvoke v.(v); if v == 0 goto label; v = 1; label: if v == 0 goto label; v = ; v = interfaceinvoke v.(); v = interfaceinvoke v.(); interfaceinvoke v.("Attempting to reset default SSL context after receiving watch event: {} with context: {}", v, v); label: specialinvoke v.(); label: goto label; label: v := @caughtexception; v = new java.lang.RuntimeException; specialinvoke v.(java.lang.Throwable)>(v); throw v; label: v = ; v = interfaceinvoke v.(); v = interfaceinvoke v.(); interfaceinvoke v.("Ignoring watch event and keeping previous default SSL context. Event kind: {} with context: {}", v, v); label: return; catch org.apache.zookeeper.common.X509Exception$SSLContextException from label to label with label; } static void () { org.slf4j.Logger v, v; java.lang.String[] v, v, v, v, v, v; java.lang.Boolean v; java.lang.String v, v; v = staticinvoke (class "Lorg/apache/zookeeper/common/X509Util;"); = v; v = staticinvoke ("jdk.tls.rejectClientInitiatedRenegotiation"); if v != null goto label; v = ; interfaceinvoke v.("Setting -D {}=true to disable client-initiated TLS renegotiation", "jdk.tls.rejectClientInitiatedRenegotiation"); v = ; v = virtualinvoke v.(); staticinvoke ("jdk.tls.rejectClientInitiatedRenegotiation", v); label: v = staticinvoke (); v = staticinvoke (); v = staticinvoke (v, v); = v; v = staticinvoke (); v = staticinvoke (); v = staticinvoke (v, v); = v; return; } }