package org.apache.kerby.kerberos.tool.kdcinit;

import java.io.File;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.apache.kerby.kerberos.kerb.admin.kadmin.local.LocalKadmin;
import org.apache.kerby.kerberos.kerb.admin.kadmin.local.LocalKadminImpl;
import org.apache.kerby.kerberos.kerb.admin.server.kadmin.AdminServer;
import org.apache.kerby.kerberos.kerb.admin.server.kadmin.AdminServerConfig;
import org.apache.kerby.util.OSUtil;

/* loaded from: input_file:org/apache/kerby/kerberos/tool/kdcinit/KdcInitTool.class */
public class KdcInitTool {
    private LocalKadmin kadmin;
    private static File adminKeytabFile;
    private static File protocolKeytabFile;
    private static final String USAGE;

    void initKdc(File file) throws KrbException {
        this.kadmin = new LocalKadminImpl(file);
        try {
            this.kadmin.createBuiltinPrincipals();
            this.kadmin.exportKeytab(adminKeytabFile, this.kadmin.getKadminPrincipal());
            System.out.println("The keytab for kadmin principal has been exported to the specified file " + adminKeytabFile.getAbsolutePath() + ", please keep it safe, in order to use kadmin tool later");
            AdminServerConfig adminServerConfig = new AdminServer(file).getAdminServerConfig();
            String str = adminServerConfig.getProtocol() + "/" + adminServerConfig.getAdminHost() + "@" + adminServerConfig.getAdminRealm();
            this.kadmin.addPrincipal(str);
            this.kadmin.exportKeytab(protocolKeytabFile, str);
            System.out.println("The keytab for protocol principal has been exported to the specified file " + protocolKeytabFile.getAbsolutePath() + ", please keep it safe, in order to use remote kadmin tool later");
            this.kadmin.release();
        } catch (Throwable th) {
            this.kadmin.release();
            throw th;
        }
    }

    public static void main(String[] strArr) throws KrbException {
        if (strArr.length != 2) {
            System.err.println(USAGE);
            System.exit(1);
        }
        String str = strArr[0];
        String str2 = strArr[1];
        File file = new File(str);
        File file2 = new File(str2);
        adminKeytabFile = new File(file2, "admin.keytab");
        protocolKeytabFile = new File(file2, "protocol.keytab");
        if (!file.exists()) {
            System.err.println("The conf-dir is invalid or does not exist.");
            System.exit(2);
        }
        if (file2 != null && !file2.exists() && !file2.mkdirs()) {
            System.err.println("Could not create keytab path." + file2);
            System.exit(3);
        }
        if (adminKeytabFile.exists()) {
            System.err.println("The kadmin keytab already exists in " + adminKeytabFile + ", this tool may have been executed already.");
            return;
        }
        if (protocolKeytabFile.exists()) {
            System.err.println("The protocol keytab already exists in " + protocolKeytabFile + ", this tool may have been executed already.");
            return;
        }
        try {
            new KdcInitTool().initKdc(file);
        } catch (KrbException e) {
            System.err.println("Errors occurred when initializing the kdc " + e.getMessage());
            System.exit(1);
        }
        System.out.println("Finished initializing the KDC backend");
        System.exit(0);
    }

    static {
        USAGE = (OSUtil.isWindows() ? "Usage: bin\\kdcinit.cmd" : "Usage: sh bin/kdcinit.sh") + " <conf-dir> <keytab-dir>\n\tThis tool initializes KDC backend and should only be performed the first time,\n\tand the output keytabs should be carefully kept to administrate/kadmin KDC later.\n\tExample:\n\t\t" + (OSUtil.isWindows() ? "bin\\kdcinit.cmd" : "sh bin/kdcinit.sh") + " conf keytabfolder\n";
    }
}
