package org.apache.hadoop.hdfs.server.datanode;

import com.google.common.annotations.VisibleForTesting;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.nio.channels.ServerSocketChannel;
import org.apache.commons.daemon.Daemon;
import org.apache.commons.daemon.DaemonContext;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hdfs.DFSConfigKeys;
import org.apache.hadoop.hdfs.DFSUtil;
import org.apache.hadoop.hdfs.HdfsConfiguration;
import org.apache.hadoop.hdfs.server.common.HdfsServerConstants;
import org.apache.hadoop.http.HttpConfig;
import org.apache.hadoop.security.SecurityUtil;
import org.apache.hadoop.security.UserGroupInformation;

/* loaded from: input_file:lib/hadoop-hdfs-2.7.0-mapr-1710.jar:org/apache/hadoop/hdfs/server/datanode/SecureDataNodeStarter.class */
public class SecureDataNodeStarter implements Daemon {
    private String[] args;
    private SecureResources resources;

    /* loaded from: input_file:lib/hadoop-hdfs-2.7.0-mapr-1710.jar:org/apache/hadoop/hdfs/server/datanode/SecureDataNodeStarter$SecureResources.class */
    public static class SecureResources {
        private final ServerSocket streamingSocket;
        private final ServerSocketChannel httpServerSocket;

        public SecureResources(ServerSocket serverSocket, ServerSocketChannel serverSocketChannel) {
            this.streamingSocket = serverSocket;
            this.httpServerSocket = serverSocketChannel;
        }

        public ServerSocket getStreamingSocket() {
            return this.streamingSocket;
        }

        public ServerSocketChannel getHttpServerChannel() {
            return this.httpServerSocket;
        }
    }

    @Override // org.apache.commons.daemon.Daemon
    public void init(DaemonContext daemonContext) throws Exception {
        System.err.println("Initializing secure datanode resources");
        HdfsConfiguration hdfsConfiguration = new HdfsConfiguration();
        this.args = daemonContext.getArguments();
        this.resources = getSecureResources(hdfsConfiguration);
    }

    @Override // org.apache.commons.daemon.Daemon
    public void start() throws Exception {
        System.err.println("Starting regular datanode initialization");
        DataNode.secureMain(this.args, this.resources);
    }

    @Override // org.apache.commons.daemon.Daemon
    public void destroy() {
    }

    @Override // org.apache.commons.daemon.Daemon
    public void stop() throws Exception {
    }

    @VisibleForTesting
    public static SecureResources getSecureResources(Configuration configuration) throws Exception {
        ServerSocketChannel serverSocketChannel;
        HttpConfig.Policy httpPolicy = DFSUtil.getHttpPolicy(configuration);
        boolean isSecurityEnabled = UserGroupInformation.isSecurityEnabled();
        InetSocketAddress streamingAddr = DataNode.getStreamingAddr(configuration);
        ServerSocket socket = configuration.getInt(DFSConfigKeys.DFS_DATANODE_SOCKET_WRITE_TIMEOUT_KEY, HdfsServerConstants.WRITE_TIMEOUT) > 0 ? ServerSocketChannel.open().socket() : new ServerSocket();
        socket.bind(streamingAddr, 0);
        if (socket.getLocalPort() != streamingAddr.getPort()) {
            throw new RuntimeException("Unable to bind on specified streaming port in secure context. Needed " + streamingAddr.getPort() + ", got " + socket.getLocalPort());
        }
        if (!SecurityUtil.isPrivilegedPort(socket.getLocalPort()) && isSecurityEnabled) {
            throw new RuntimeException("Cannot start secure datanode with unprivileged RPC ports");
        }
        System.err.println("Opened streaming server at " + streamingAddr);
        if (httpPolicy.isHttpEnabled()) {
            serverSocketChannel = ServerSocketChannel.open();
            InetSocketAddress infoAddr = DataNode.getInfoAddr(configuration);
            serverSocketChannel.socket().bind(infoAddr);
            InetSocketAddress inetSocketAddress = (InetSocketAddress) serverSocketChannel.socket().getLocalSocketAddress();
            if (inetSocketAddress.getPort() != infoAddr.getPort()) {
                throw new RuntimeException("Unable to bind on specified info port in secure context. Needed " + streamingAddr.getPort() + ", got " + socket.getLocalPort());
            }
            System.err.println("Successfully obtained privileged resources (streaming port = " + socket + " ) (http listener port = " + inetSocketAddress.getPort() + ")");
            if (inetSocketAddress.getPort() > 1023 && isSecurityEnabled) {
                throw new RuntimeException("Cannot start secure datanode with unprivileged HTTP ports");
            }
            System.err.println("Opened info server at " + infoAddr);
        } else {
            serverSocketChannel = null;
        }
        return new SecureResources(socket, serverSocketChannel);
    }
}
