package com.yahoo.vespa.zookeeper;

import com.google.common.collect.ImmutableSet;
import com.yahoo.net.HostName;
import com.yahoo.text.StringUtilities;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.nio.channels.SelectionKey;
import java.nio.channels.SocketChannel;
import java.util.HashSet;
import java.util.Set;
import java.util.logging.Logger;
import org.apache.zookeeper.server.NIOServerCnxn;
import org.apache.zookeeper.server.NIOServerCnxnFactory;

/* loaded from: input_file:com/yahoo/vespa/zookeeper/RestrictedServerCnxnFactory.class */
public class RestrictedServerCnxnFactory extends NIOServerCnxnFactory {
    private static final Logger log = Logger.getLogger(RestrictedServerCnxnFactory.class.getName());

    protected NIOServerCnxn createConnection(SocketChannel socketChannel, SelectionKey selectionKey) throws IOException {
        NIOServerCnxn createConnection = super.createConnection(socketChannel, selectionKey);
        validateRemoteOrClose(socketChannel);
        return createConnection;
    }

    private void validateRemoteOrClose(SocketChannel socketChannel) {
        try {
            String hostName = ((InetSocketAddress) socketChannel.getRemoteAddress()).getHostName();
            if (isLocalHost(hostName)) {
                return;
            }
            ImmutableSet<String> findAllowedZooKeeperClients = findAllowedZooKeeperClients();
            if (findAllowedZooKeeperClients.isEmpty() || findAllowedZooKeeperClients.contains(hostName)) {
                return;
            }
            log.info("Rejecting connection to ZooKeeper from " + hostName + ": This cluster only allow connection from hosts in: " + findAllowedZooKeeperClients);
            socketChannel.shutdownInput();
            socketChannel.shutdownOutput();
        } catch (Exception e) {
            log.warning("Unexpected exception: " + e);
        }
    }

    private ImmutableSet<String> findAllowedZooKeeperClients() {
        String str = System.getenv("vespa_zkfacade__restrict");
        return str != null ? ImmutableSet.copyOf(toHostnameSet(str)) : ZooKeeperServer.getAllowedClientHostnames();
    }

    private Set<String> toHostnameSet(String str) {
        HashSet hashSet = new HashSet();
        for (String str2 : StringUtilities.split(str)) {
            if (!str2.trim().isEmpty()) {
                hashSet.add(str2.trim());
            }
        }
        return hashSet;
    }

    private boolean isLocalHost(String str) {
        return str.equals("localhost") || str.equals("localhost.localdomain") || str.equals(HostName.getLocalhost());
    }
}
