package weblogic.security.net;

import java.io.IOException;
import java.io.StreamCorruptedException;
import java.net.InetAddress;
import java.text.ParseException;
import java.util.StringTokenizer;
import java.util.Vector;
import weblogic.security.SecurityLogger;
import weblogic.security.SecurityService;

/* loaded from: input_file:weblogic.jar:weblogic/security/net/ConnectionFilterImpl.class */
public class ConnectionFilterImpl implements ConnectionFilter, ConnectionFilterRulesListener {
    static ConnectionFilter impl = new ConnectionFilterImpl();
    private FilterEntry[] rules;

    @Override // weblogic.security.net.ConnectionFilterRulesListener
    public void checkRules(String[] strArr) throws ParseException {
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                String str = strArr[i];
                int indexOf = str.indexOf(35);
                if (indexOf != -1) {
                    str = str.substring(0, indexOf).trim();
                }
                if (str.length() != 0) {
                    try {
                        parseLine(str, null);
                    } catch (StreamCorruptedException e) {
                        throw new ParseException(e.getMessage(), i + 1);
                    } catch (IOException e2) {
                        throw new ParseException(e2.getMessage(), i + 1);
                    } catch (IllegalArgumentException e3) {
                        throw new ParseException(e3.getMessage(), i + 1);
                    }
                }
            }
        }
    }

    protected void checkRules(String[] strArr, Vector vector) throws ParseException {
        if (strArr != null) {
            for (int i = 0; i < strArr.length; i++) {
                String str = strArr[i];
                int indexOf = str.indexOf(35);
                if (indexOf != -1) {
                    str = str.substring(0, indexOf).trim();
                }
                if (str.length() != 0) {
                    try {
                        parseLine(str, vector);
                    } catch (StreamCorruptedException e) {
                        throw new ParseException(e.getMessage(), i + 1);
                    } catch (IOException e2) {
                        throw new ParseException(e2.getMessage(), i + 1);
                    } catch (IllegalArgumentException e3) {
                        throw new ParseException(e3.getMessage(), i + 1);
                    }
                }
            }
        }
    }

    @Override // weblogic.security.net.ConnectionFilterRulesListener
    public void setRules(String[] strArr) throws ParseException {
        Vector vector = new Vector();
        checkRules(strArr, vector);
        FilterEntry[] filterEntryArr = new FilterEntry[vector.size()];
        vector.copyInto(filterEntryArr);
        this.rules = filterEntryArr;
    }

    @Override // weblogic.security.net.ConnectionFilter
    public void accept(ConnectionEvent connectionEvent) throws FilterException {
        if (this.rules != null) {
            InetAddress remoteAddress = connectionEvent.getRemoteAddress();
            int protocolToMaskBit = protocolToMaskBit(connectionEvent.getProtocol().toLowerCase());
            InetAddress localAddress = connectionEvent.getLocalAddress();
            int localPort = connectionEvent.getLocalPort();
            connectionEvent.getRemotePort();
            if (protocolToMaskBit == -559038737) {
                protocolToMaskBit = 0;
            }
            for (int i = 0; i < this.rules.length; i++) {
                switch (this.rules[i].check(remoteAddress, protocolToMaskBit, localAddress, localPort)) {
                    case 0:
                        return;
                    case 1:
                        throw new FilterException(SecurityLogger.getRuleDenied(new StringBuffer().append("").append(i + 1).toString()));
                    case 2:
                    default:
                        throw new RuntimeException(SecurityLogger.getConnFilterInternalErr());
                }
            }
        }
    }

    protected void parseLine(String str, Vector vector) throws IOException, IllegalArgumentException {
        int[] parseAddresses;
        StringTokenizer stringTokenizer = new StringTokenizer(str);
        String nextToken = stringTokenizer.nextToken();
        int parseSingleAddress = parseSingleAddress(stringTokenizer.nextToken());
        String nextToken2 = stringTokenizer.nextToken();
        int intValue = nextToken2.equals("*") ? -1 : new Integer(nextToken2).intValue();
        boolean parseAction = parseAction(stringTokenizer.nextToken());
        if (nextToken.startsWith("*")) {
            SlowFilterEntry slowFilterEntry = new SlowFilterEntry(parseAction, parseProtocols(stringTokenizer), nextToken, parseSingleAddress, intValue);
            if (vector != null) {
                vector.addElement(slowFilterEntry);
                return;
            }
            return;
        }
        int indexOf = nextToken.indexOf(47);
        int i = -1;
        if (indexOf != -1) {
            parseAddresses = parseAddresses(nextToken.substring(0, indexOf));
            i = parseNetmask(nextToken.substring(indexOf + 1));
        } else {
            parseAddresses = parseAddresses(nextToken);
        }
        int parseProtocols = parseProtocols(stringTokenizer);
        for (int i2 : parseAddresses) {
            FastFilterEntry fastFilterEntry = new FastFilterEntry(parseAction, parseProtocols, i2, i, parseSingleAddress, intValue);
            if (vector != null) {
                vector.addElement(fastFilterEntry);
            }
        }
    }

    protected static final int parseProtocols(StringTokenizer stringTokenizer) throws FilterException {
        int i = 0;
        while (true) {
            int i2 = i;
            if (!stringTokenizer.hasMoreTokens()) {
                return i2;
            }
            String nextToken = stringTokenizer.nextToken();
            int protocolToMaskBit = protocolToMaskBit(nextToken);
            if (protocolToMaskBit == -559038737) {
                throw new IllegalArgumentException(SecurityLogger.getUnknownProtocol(nextToken));
            }
            i = i2 | protocolToMaskBit;
        }
    }

    private static final int protocolToMaskBit(String str) throws FilterException {
        String[] strArr = {"http", "t3", "https", "t3s", "giop", "giops", "dcom", "ftp"};
        if (str == null) {
            return 0;
        }
        String lowerCase = str.toLowerCase();
        for (int i = 0; i < strArr.length; i++) {
            if (lowerCase.equals(strArr[i])) {
                return 1 << (i + 1);
            }
        }
        return -559038737;
    }

    protected static final int[] parseAddresses(String str) throws IOException {
        InetAddress[] allByName = InetAddress.getAllByName(str);
        int[] iArr = new int[allByName.length];
        for (int i = 0; i < allByName.length; i++) {
            iArr[i] = addressToInt(allByName[i]);
        }
        return iArr;
    }

    protected static final int parseSingleAddress(String str) throws IOException {
        if (str.equals("*")) {
            return -1;
        }
        return addressToInt(InetAddress.getByName(str));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final int addressToInt(InetAddress inetAddress) {
        byte[] address = inetAddress.getAddress();
        int i = 0;
        for (int i2 = 0; i2 < address.length; i2++) {
            i |= (255 & address[i2]) << (8 * ((address.length - i2) - 1));
        }
        return i;
    }

    protected static final int parseNetmask(String str) throws IOException {
        StringTokenizer stringTokenizer = new StringTokenizer(str, ".");
        int countTokens = stringTokenizer.countTokens();
        try {
            if (countTokens == 1) {
                int parseInt = Integer.parseInt(stringTokenizer.nextToken());
                if (parseInt > 32 || parseInt < 0) {
                    throw new StreamCorruptedException(SecurityLogger.getBadNetMaskBits(str));
                }
                return ((1 << (32 - parseInt)) - 1) ^ (-1);
            }
            int i = 0;
            if (countTokens != 4) {
                throw new StreamCorruptedException(SecurityLogger.getBadNetMaskTokens(str));
            }
            int i2 = 24;
            while (stringTokenizer.hasMoreTokens()) {
                int parseInt2 = Integer.parseInt(stringTokenizer.nextToken());
                if (parseInt2 < 0 || parseInt2 > 255) {
                    throw new StreamCorruptedException(SecurityLogger.getBadNetMaskNum(str));
                }
                i |= parseInt2 << i2;
                i2 -= 8;
            }
            return i;
        } catch (NumberFormatException e) {
            throw new StreamCorruptedException(SecurityLogger.getBadNetMaskFormat(str));
        }
    }

    protected static final boolean parseAction(String str) throws IOException {
        String lowerCase = str.toLowerCase();
        if (lowerCase.equals("allow")) {
            return true;
        }
        if (lowerCase.equals("deny")) {
            return false;
        }
        throw new StreamCorruptedException(SecurityLogger.getBadAction(lowerCase));
    }

    public static final boolean filterEnabled() {
        return SecurityService.getConnectionFilterEnabled();
    }

    public static final ConnectionFilter getFilter() {
        return SecurityService.getConnectionFilter();
    }

    public static final void setFilter(ConnectionFilter connectionFilter) {
        if (connectionFilter == null) {
            throw new NullPointerException(SecurityLogger.getNullFilter());
        }
        if (SecurityService.getConnectionFilter() != null) {
            throw new SecurityException(SecurityLogger.getSetFilterMoreThanOnce());
        }
        SecurityService.setConnectionFilter(connectionFilter);
    }
}
