package org.hsqldb.server;

import com.ibm.icu.text.PluralRules;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.StringTokenizer;
import org.hsqldb.Tokens;
import org.hsqldb.map.BitMap;

/* loaded from: input_file:webapps/yigo/bin/hsqldb-2.3.1.jar:org/hsqldb/server/ServerAcl.class */
public final class ServerAcl {
    protected static final byte[] ALL_SET_4BYTES = {-1, -1, -1, -1};
    protected static final byte[] ALL_SET_16BYTES = {-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1};
    private static AclEntry PROHIBIT_ALL_IPV4;
    private static AclEntry PROHIBIT_ALL_IPV6;
    private File aclFile;
    private PrintWriter pw = null;
    private long lastLoadTime = 0;
    private List aclEntries = load();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:webapps/yigo/bin/hsqldb-2.3.1.jar:org/hsqldb/server/ServerAcl$AclEntry.class */
    public static final class AclEntry {
        private byte[] value;
        private byte[] mask;
        private int bitBlockSize;
        public boolean allow;

        public AclEntry(byte[] bArr, int i, boolean z) throws AclFormatException {
            byte[] bArr2;
            switch (bArr.length) {
                case 4:
                    bArr2 = ServerAcl.ALL_SET_4BYTES;
                    break;
                case 16:
                    bArr2 = ServerAcl.ALL_SET_16BYTES;
                    break;
                default:
                    throw new IllegalArgumentException("Only 4 and 16 bytes supported, not " + bArr.length);
            }
            if (i > bArr.length * 8) {
                throw new IllegalArgumentException("Specified " + i + " significant bits, but value only has " + (bArr.length * 8) + " bits");
            }
            this.bitBlockSize = i;
            this.value = bArr;
            this.mask = BitMap.leftShift(bArr2, (bArr.length * 8) - i);
            if (this.mask.length != bArr.length) {
                throw new RuntimeException("Basic program assertion failed.  Generated mask length " + this.mask.length + " (bytes) does not match given value length " + bArr.length + " (bytes).");
            }
            this.allow = z;
            validateMask();
        }

        public String toString() {
            StringBuffer stringBuffer = new StringBuffer("Addrs ");
            stringBuffer.append(this.value.length == 16 ? Tokens.T_LEFTBRACKET + ServerAcl.colonNotation(this.value) + ']' : ServerAcl.dottedNotation(this.value));
            stringBuffer.append("/" + this.bitBlockSize + ' ' + (this.allow ? "ALLOW" : "DENY"));
            return stringBuffer.toString();
        }

        public boolean matches(byte[] bArr) {
            return this.value.length == bArr.length && !BitMap.hasAnyBitSet(BitMap.xor(this.value, BitMap.and(bArr, this.mask)));
        }

        public void validateMask() throws AclFormatException {
            if (BitMap.hasAnyBitSet(BitMap.and(this.value, BitMap.not(this.mask)))) {
                throw new AclFormatException("The base address '" + ServerAcl.dottedNotation(this.value) + "' is too specific for block-size-spec /" + this.bitBlockSize);
            }
        }
    }

    /* loaded from: input_file:webapps/yigo/bin/hsqldb-2.3.1.jar:org/hsqldb/server/ServerAcl$AclFormatException.class */
    public static final class AclFormatException extends Exception {
        public AclFormatException(String str) {
            super(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:webapps/yigo/bin/hsqldb-2.3.1.jar:org/hsqldb/server/ServerAcl$InternalException.class */
    public static final class InternalException extends Exception {
        private InternalException() {
        }
    }

    public static String dottedNotation(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < bArr.length; i++) {
            if (i > 0) {
                stringBuffer.append('.');
            }
            stringBuffer.append(bArr[i] & 255);
        }
        return stringBuffer.toString();
    }

    public static String colonNotation(byte[] bArr) {
        if ((bArr.length / 2) * 2 != bArr.length) {
            throw new RuntimeException("At this time .colonNotation only handles even byte quantities");
        }
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < bArr.length; i += 2) {
            if (i > 0) {
                stringBuffer.append(':');
            }
            stringBuffer.append(Integer.toHexString(((bArr[i] & 255) * 256) + (bArr[i + 1] & 255)));
        }
        return stringBuffer.toString();
    }

    public void setPrintWriter(PrintWriter printWriter) {
        this.pw = printWriter;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < this.aclEntries.size(); i++) {
            if (i > 0) {
                stringBuffer.append('\n');
            }
            stringBuffer.append("Entry " + (i + 1) + PluralRules.KEYWORD_RULE_SEPARATOR + this.aclEntries.get(i));
        }
        return stringBuffer.toString();
    }

    public boolean permitAccess(String str) {
        try {
            return permitAccess(InetAddress.getByName(str).getAddress());
        } catch (UnknownHostException e) {
            println("'" + str + "' denied because failed to resolve to an addr");
            return false;
        }
    }

    public boolean permitAccess(byte[] bArr) {
        ensureAclsUptodate();
        for (int i = 0; i < this.aclEntries.size(); i++) {
            if (((AclEntry) this.aclEntries.get(i)).matches(bArr)) {
                AclEntry aclEntry = (AclEntry) this.aclEntries.get(i);
                println("Addr '" + dottedNotation(bArr) + "' matched rule #" + (i + 1) + ":  " + aclEntry);
                return aclEntry.allow;
            }
        }
        throw new RuntimeException("No rule matches address '" + dottedNotation(bArr) + "'");
    }

    private void println(String str) {
        if (this.pw == null) {
            return;
        }
        this.pw.println(str);
        this.pw.flush();
    }

    public ServerAcl(File file) throws IOException, AclFormatException {
        this.aclFile = file;
    }

    protected synchronized void ensureAclsUptodate() {
        if (this.lastLoadTime > this.aclFile.lastModified()) {
            return;
        }
        try {
            this.aclEntries = load();
            println("ACLs reloaded from file");
        } catch (Exception e) {
            println("Failed to reload ACL file.  Retaining old ACLs.  " + e);
        }
    }

    protected List load() throws IOException, AclFormatException {
        boolean z;
        if (!this.aclFile.exists()) {
            throw new IOException("File '" + this.aclFile.getAbsolutePath() + "' is not present");
        }
        if (!this.aclFile.isFile()) {
            throw new IOException("'" + this.aclFile.getAbsolutePath() + "' is not a regular file");
        }
        if (!this.aclFile.canRead()) {
            throw new IOException("'" + this.aclFile.getAbsolutePath() + "' is not accessible");
        }
        String str = null;
        int i = 0;
        BufferedReader bufferedReader = new BufferedReader(new FileReader(this.aclFile));
        ArrayList arrayList = new ArrayList();
        while (true) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    arrayList.add(PROHIBIT_ALL_IPV4);
                    arrayList.add(PROHIBIT_ALL_IPV6);
                    this.lastLoadTime = new Date().getTime();
                    return arrayList;
                }
                i++;
                String trim = readLine.trim();
                if (trim.length() >= 1 && trim.charAt(0) != '#') {
                    StringTokenizer stringTokenizer = new StringTokenizer(trim);
                    try {
                        if (stringTokenizer.countTokens() != 2) {
                            throw new InternalException();
                        }
                        String nextToken = stringTokenizer.nextToken();
                        String nextToken2 = stringTokenizer.nextToken();
                        int indexOf = nextToken2.indexOf(47);
                        if (indexOf > -1) {
                            str = nextToken2.substring(indexOf + 1);
                            nextToken2 = nextToken2.substring(0, indexOf);
                        }
                        byte[] address = InetAddress.getByName(nextToken2).getAddress();
                        int length = str == null ? address.length * 8 : Integer.parseInt(str);
                        if (nextToken.equalsIgnoreCase("allow")) {
                            z = true;
                        } else if (nextToken.equalsIgnoreCase("permit")) {
                            z = true;
                        } else if (nextToken.equalsIgnoreCase("accept")) {
                            z = true;
                        } else if (nextToken.equalsIgnoreCase("prohibit")) {
                            z = false;
                        } else if (nextToken.equalsIgnoreCase("deny")) {
                            z = false;
                        } else {
                            if (!nextToken.equalsIgnoreCase("reject")) {
                                throw new InternalException();
                            }
                            z = false;
                        }
                        try {
                            arrayList.add(new AclEntry(address, length, z));
                        } catch (AclFormatException e) {
                            throw new AclFormatException("Syntax error at ACL file '" + this.aclFile.getAbsolutePath() + "', line " + i + PluralRules.KEYWORD_RULE_SEPARATOR + e.toString());
                        }
                    } catch (NumberFormatException e2) {
                        throw new AclFormatException("Syntax error at ACL file '" + this.aclFile.getAbsolutePath() + "', line " + i);
                    } catch (InternalException e3) {
                        throw new AclFormatException("Syntax error at ACL file '" + this.aclFile.getAbsolutePath() + "', line " + i);
                    }
                }
            } finally {
                bufferedReader.close();
            }
        }
    }

    public static void main(String[] strArr) throws AclFormatException, IOException {
        if (strArr.length > 1) {
            throw new RuntimeException("Try: java -cp path/to/hsqldb.jar " + ServerAcl.class.getName() + " --help");
        }
        if (strArr.length > 0 && strArr[0].equals("--help")) {
            System.err.println("SYNTAX: java -cp path/to/hsqldb.jar " + ServerAcl.class.getName() + " [filepath.txt]");
            System.err.println("ACL file path defaults to 'acl.txt' in the current directory.");
            System.exit(0);
        }
        ServerAcl serverAcl = new ServerAcl(new File(strArr.length == 0 ? "acl.txt" : strArr[0]));
        serverAcl.setPrintWriter(new PrintWriter(System.out));
        System.out.println(serverAcl.toString());
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(System.in));
        System.out.println("Enter hostnames or IP addresses to be tested (one per line).");
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                return;
            }
            String trim = readLine.trim();
            if (trim.length() >= 1) {
                System.out.println(Boolean.toString(serverAcl.permitAccess(trim)));
            }
        }
    }

    static {
        try {
            PROHIBIT_ALL_IPV4 = new AclEntry(InetAddress.getByName(ServerConstants.SC_DEFAULT_ADDRESS).getAddress(), 0, false);
            PROHIBIT_ALL_IPV6 = new AclEntry(InetAddress.getByName("::").getAddress(), 0, false);
        } catch (UnknownHostException e) {
            throw new RuntimeException("Unexpected problem in static initializer", e);
        } catch (AclFormatException e2) {
            throw new RuntimeException("Unexpected problem in static initializer", e2);
        }
    }
}
