package org.apache.directory.server.kerberos.kdc;

import java.io.IOException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.server.kerberos.KerberosConfig;
import org.apache.directory.server.kerberos.changepwd.ChangePasswordServer;
import org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler;
import org.apache.directory.server.kerberos.protocol.codec.KerberosProtocolCodecFactory;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
import org.apache.directory.server.kerberos.shared.replay.ReplayCacheImpl;
import org.apache.directory.server.protocol.shared.DirectoryBackedService;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.apache.directory.server.protocol.shared.transport.Transport;
import org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder;
import org.apache.mina.core.service.IoAcceptor;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
import org.apache.mina.transport.socket.nio.NioSocketAcceptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:resources/libs/apacheds-service-2.0.0-M12.jar:org/apache/directory/server/kerberos/kdc/KdcServer.class */
public class KdcServer extends DirectoryBackedService {
    private static final long serialVersionUID = 522567370475574165L;
    private static final Logger LOG = LoggerFactory.getLogger(KdcServer.class);
    private static final String SERVICE_NAME = "Keydap Kerberos Service";
    private ReplayCache replayCache;
    private KerberosConfig config;
    private ChangePasswordServer changePwdServer;

    public KdcServer() {
        this(new KerberosConfig());
    }

    public KdcServer(KerberosConfig kerberosConfig) {
        this.config = kerberosConfig;
        super.setServiceName(SERVICE_NAME);
        super.setSearchBaseDn(kerberosConfig.getSearchBaseDn());
    }

    public ReplayCache getReplayCache() {
        return this.replayCache;
    }

    @Override // org.apache.directory.server.protocol.shared.ProtocolService
    public void start() throws IOException, LdapInvalidDnException {
        DirectoryPrincipalStore directoryPrincipalStore = new DirectoryPrincipalStore(getDirectoryService(), new Dn(getSearchBaseDn()));
        LOG.debug("initializing the kerberos replay cache");
        this.replayCache = new ReplayCacheImpl(getDirectoryService().getCacheService().getCache("kdcReplayCache"), this.config.getAllowableClockSkew());
        for (Transport transport : this.transports) {
            IoAcceptor acceptor = transport.getAcceptor();
            DefaultIoFilterChainBuilder defaultIoFilterChainBuilder = new DefaultIoFilterChainBuilder();
            if (transport instanceof TcpTransport) {
                acceptor.setCloseOnDeactivation(false);
                ((NioSocketAcceptor) acceptor).getSessionConfig().setTcpNoDelay(true);
                ((NioSocketAcceptor) acceptor).setReuseAddress(true);
            }
            defaultIoFilterChainBuilder.addFirst("codec", new ProtocolCodecFilter(KerberosProtocolCodecFactory.getInstance()));
            acceptor.setFilterChainBuilder(defaultIoFilterChainBuilder);
            acceptor.setHandler(new KerberosProtocolHandler(this, directoryPrincipalStore));
            acceptor.bind();
        }
        LOG.info("Kerberos service started.");
        if (this.changePwdServer != null) {
            this.changePwdServer.setSearchBaseDn(getSearchBaseDn());
            this.changePwdServer.start();
        }
    }

    @Override // org.apache.directory.server.protocol.shared.ProtocolService
    public void stop() {
        for (Transport transport : getTransports()) {
            IoAcceptor acceptor = transport.getAcceptor();
            if (acceptor != null) {
                acceptor.dispose();
            }
        }
        if (this.replayCache != null) {
            this.replayCache.clear();
        }
        LOG.info("Kerberos service stopped.");
        if (this.changePwdServer != null) {
            this.changePwdServer.stop();
        }
    }

    public int getTcpPort() {
        for (Transport transport : this.transports) {
            if (transport instanceof TcpTransport) {
                return transport.getPort();
            }
        }
        return -1;
    }

    public KerberosConfig getConfig() {
        return this.config;
    }

    public ChangePasswordServer getChangePwdServer() {
        return this.changePwdServer;
    }

    public void setChangePwdServer(ChangePasswordServer changePasswordServer) {
        this.changePwdServer = changePasswordServer;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("KDCServer[").append(getServiceName()).append("], listening on :").append('\n');
        if (getTransports() != null) {
            for (Transport transport : getTransports()) {
                sb.append("    ").append(transport).append('\n');
            }
        }
        return sb.toString();
    }
}
