package com.aoindustries.selinux;

import com.aoindustries.net.IPortRange;
import com.aoindustries.net.Port;
import com.aoindustries.net.PortRange;
import com.aoindustries.net.Protocol;
import com.aoindustries.util.AoCollections;
import com.aoindustries.util.ComparatorUtils;
import com.aoindustries.util.WrappedException;
import com.aoindustries.validation.ValidationException;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.SortedMap;
import java.util.SortedSet;
import java.util.StringTokenizer;
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/aoindustries/selinux/SEManagePort.class */
public class SEManagePort {
    private static final Logger logger;
    private static final Pattern listPattern;
    private static final SortedMap<PortRange, String> defaultPolicyExtensions;
    private static final String EOL;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v37, types: [java.util.List] */
    static SortedSet<IPortRange> findOverlaps(Iterable<? extends IPortRange> iterable) {
        ArrayList arrayList;
        if (iterable instanceof List) {
            arrayList = (List) iterable;
        } else if (iterable instanceof Collection) {
            arrayList = new ArrayList((Collection) iterable);
        } else {
            ArrayList arrayList2 = new ArrayList();
            Iterator<? extends IPortRange> it = iterable.iterator();
            while (it.hasNext()) {
                arrayList2.add(it.next());
            }
            arrayList = arrayList2;
        }
        TreeSet treeSet = new TreeSet();
        int size = arrayList.size();
        for (int i = 0; i < size; i++) {
            IPortRange iPortRange = (IPortRange) arrayList.get(i);
            for (int i2 = 0; i2 < i; i2++) {
                IPortRange iPortRange2 = (IPortRange) arrayList.get(i2);
                if (iPortRange.overlaps(iPortRange2)) {
                    treeSet.add(iPortRange);
                    treeSet.add(iPortRange2);
                }
            }
        }
        return treeSet;
    }

    private static <T extends Appendable> T dumpPolicy(SortedMap<? extends IPortRange, String> sortedMap, T t) throws IOException {
        for (Map.Entry<? extends IPortRange, String> entry : sortedMap.entrySet()) {
            t.append(entry.getKey().toString()).append('=').append(entry.getValue()).append(EOL);
        }
        return t;
    }

    private static String dumpPolicy(String str, SortedMap<? extends IPortRange, String> sortedMap) {
        try {
            return ((StringBuilder) dumpPolicy(sortedMap, new StringBuilder().append(str).append(EOL))).toString();
        } catch (IOException e) {
            AssertionError assertionError = new AssertionError("Should not happen on StringBuilder");
            assertionError.initCause(e);
            throw assertionError;
        }
    }

    private static boolean assertNoOverlaps(SortedMap<? extends IPortRange, String> sortedMap) throws AssertionError {
        SortedSet<IPortRange> findOverlaps = findOverlaps(sortedMap.keySet());
        if (findOverlaps.isEmpty()) {
            return true;
        }
        if (logger.isLoggable(Level.FINE)) {
            logger.fine(dumpPolicy("Policy with overlapping ports: " + findOverlaps, sortedMap));
        }
        throw new AssertionError("Port ranges overlap: " + findOverlaps);
    }

    private static boolean assertNoOverlaps(Iterable<? extends IPortRange> iterable) throws AssertionError {
        SortedSet<IPortRange> findOverlaps = findOverlaps(iterable);
        if (findOverlaps.isEmpty()) {
            return true;
        }
        throw new AssertionError("Port ranges overlap: " + findOverlaps);
    }

    private static SortedMap<IPortRange, String> coalesce(SortedMap<? extends IPortRange, String> sortedMap) {
        if (!$assertionsDisabled && !assertNoOverlaps(sortedMap)) {
            throw new AssertionError();
        }
        TreeMap treeMap = new TreeMap();
        for (Protocol protocol : new Protocol[]{Protocol.TCP, Protocol.UDP}) {
            IPortRange iPortRange = null;
            Object obj = null;
            for (Map.Entry<? extends IPortRange, String> entry : sortedMap.entrySet()) {
                IPortRange key = entry.getKey();
                if (protocol == key.getProtocol()) {
                    String value = entry.getValue();
                    if (iPortRange != null && iPortRange.getTo() + 1 == key.getFrom() && value.equals(obj)) {
                        treeMap.remove(iPortRange);
                        try {
                            key = IPortRange.valueOf(iPortRange.getFrom(), key.getTo(), protocol);
                        } catch (ValidationException e) {
                            throw new AssertionError(e);
                        }
                    }
                    treeMap.put(key, value);
                    iPortRange = key;
                    obj = value;
                }
            }
        }
        if ($assertionsDisabled || assertNoOverlaps(treeMap)) {
            return treeMap;
        }
        throw new AssertionError();
    }

    private static SortedSet<IPortRange> coalesce(SortedSet<? extends IPortRange> sortedSet) {
        if (!$assertionsDisabled && !assertNoOverlaps(sortedSet)) {
            throw new AssertionError();
        }
        TreeSet treeSet = new TreeSet();
        for (Protocol protocol : new Protocol[]{Protocol.TCP, Protocol.UDP}) {
            IPortRange iPortRange = null;
            for (IPortRange iPortRange2 : sortedSet) {
                if (protocol == iPortRange2.getProtocol()) {
                    if (iPortRange != null && iPortRange.getTo() + 1 == iPortRange2.getFrom()) {
                        treeSet.remove(iPortRange);
                        try {
                            iPortRange2 = IPortRange.valueOf(iPortRange.getFrom(), iPortRange2.getTo(), protocol);
                        } catch (ValidationException e) {
                            throw new AssertionError(e);
                        }
                    }
                    treeSet.add(iPortRange2);
                    iPortRange = iPortRange2;
                }
            }
        }
        if ($assertionsDisabled || assertNoOverlaps(treeSet)) {
            return treeSet;
        }
        throw new AssertionError();
    }

    static SortedMap<IPortRange, String> parseList(String str, Map<? extends IPortRange, String> map) throws IOException {
        String readLine;
        boolean z;
        String str2;
        TreeMap treeMap = new TreeMap();
        BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                return Collections.unmodifiableSortedMap(treeMap);
            }
            try {
                Matcher matcher = listPattern.matcher(readLine);
                if (!matcher.find()) {
                    throw new IOException("Line not matched: " + readLine);
                }
                if (!$assertionsDisabled && matcher.groupCount() != 3) {
                    throw new AssertionError();
                }
                String intern = matcher.group(1).intern();
                Protocol valueOf = Protocol.valueOf(matcher.group(2).toUpperCase(Locale.ROOT));
                z = false;
                StringTokenizer stringTokenizer = new StringTokenizer(matcher.group(3), ", ");
                while (stringTokenizer.hasMoreTokens()) {
                    z = true;
                    String nextToken = stringTokenizer.nextToken();
                    int indexOf = nextToken.indexOf(45);
                    Port valueOf2 = indexOf == -1 ? Port.valueOf(Integer.parseInt(nextToken), valueOf) : PortRange.valueOf(Integer.parseInt(nextToken.substring(0, indexOf)), Integer.parseInt(nextToken.substring(indexOf + 1)), valueOf);
                    if ((map == null || !intern.equals(map.get(valueOf2))) && (str2 = (String) treeMap.put(valueOf2, intern)) != null) {
                        throw new IllegalStateException("Duplicate types on same port (" + valueOf2 + "): " + str2 + " and " + intern);
                    }
                }
            } catch (ValidationException e) {
                throw new WrappedException("line = " + readLine, e);
            } catch (IllegalStateException e2) {
                throw new WrappedException("line = " + readLine, e2);
            }
        } while (z);
        throw new IOException("No port numbers found: " + readLine);
    }

    private static SortedMap<IPortRange, String> getLocalPolicy() throws IOException {
        return parseLocalPolicy(SEManage.execSemanage("port", "--noheading", "--list", "--locallist").getStdout());
    }

    static SortedMap<IPortRange, String> parseLocalPolicy(String str) throws IOException {
        SortedMap<IPortRange, String> parseList = parseList(str, null);
        if (logger.isLoggable(Level.FINEST)) {
            logger.finest(dumpPolicy("Local Policy:", (SortedMap<? extends IPortRange, String>) parseList));
        }
        if ($assertionsDisabled || assertNoOverlaps((SortedMap<? extends IPortRange, String>) parseList)) {
            return parseList;
        }
        throw new AssertionError();
    }

    private static SortedMap<IPortRange, String> getDefaultPolicy(SortedMap<? extends IPortRange, String> sortedMap) throws IOException {
        return parseDefaultPolicy(SEManage.execSemanage("port", "--noheading", "--list").getStdout(), sortedMap);
    }

    static SortedMap<IPortRange, String> parseDefaultPolicy(String str, SortedMap<? extends IPortRange, String> sortedMap) throws IOException {
        if (!$assertionsDisabled && !assertNoOverlaps(sortedMap)) {
            throw new AssertionError();
        }
        SortedMap<IPortRange, String> parseList = parseList(str, sortedMap);
        if (logger.isLoggable(Level.FINEST)) {
            logger.finest(dumpPolicy("Default Policy:", (SortedMap<? extends IPortRange, String>) parseList));
        }
        return parseList;
    }

    private static void overlay(SortedMap<IPortRange, String> sortedMap, IPortRange iPortRange, String str) {
        Iterator<Map.Entry<IPortRange, String>> it = sortedMap.entrySet().iterator();
        HashMap hashMap = new HashMap();
        while (it.hasNext()) {
            Map.Entry<IPortRange, String> next = it.next();
            IPortRange key = next.getKey();
            if (key.getFrom() > iPortRange.getTo()) {
                break;
            }
            if (iPortRange.overlaps(key)) {
                String value = next.getValue();
                it.remove();
                IPortRange splitBelow = key.splitBelow(iPortRange.getFrom());
                if (splitBelow != null && hashMap.put(splitBelow, value) != null) {
                    throw new AssertionError();
                }
                IPortRange splitAbove = key.splitAbove(iPortRange.getTo());
                if (splitAbove != null && hashMap.put(splitAbove, value) != null) {
                    throw new AssertionError();
                }
            }
        }
        sortedMap.putAll(hashMap);
        if (sortedMap.put(iPortRange, str) != null) {
            throw new AssertionError();
        }
    }

    public static SortedMap<IPortRange, String> getPolicy() throws IOException {
        SortedMap<IPortRange, String> localPolicy;
        SortedMap<IPortRange, String> defaultPolicy;
        synchronized (SEManage.semanageLock) {
            localPolicy = getLocalPolicy();
            defaultPolicy = getDefaultPolicy(localPolicy);
        }
        return parsePolicy(localPolicy, defaultPolicy);
    }

    static SortedMap<IPortRange, String> parsePolicy(SortedMap<? extends IPortRange, String> sortedMap, SortedMap<? extends IPortRange, String> sortedMap2) {
        if (!$assertionsDisabled && !assertNoOverlaps(sortedMap)) {
            throw new AssertionError();
        }
        TreeMap treeMap = new TreeMap();
        for (Map.Entry<PortRange, String> entry : defaultPolicyExtensions.entrySet()) {
            PortRange key = entry.getKey();
            if (!sortedMap2.containsKey(key)) {
                treeMap.put(key, entry.getValue());
            }
        }
        if (!$assertionsDisabled && !assertNoOverlaps(treeMap)) {
            throw new AssertionError();
        }
        TreeMap treeMap2 = new TreeMap(new Comparator<IPortRange>() { // from class: com.aoindustries.selinux.SEManagePort.1
            @Override // java.util.Comparator
            public int compare(IPortRange iPortRange, IPortRange iPortRange2) {
                int compare = ComparatorUtils.compare(iPortRange2.getTo() - iPortRange2.getFrom(), iPortRange.getTo() - iPortRange.getFrom());
                return compare != 0 ? compare : iPortRange.compareTo(iPortRange2);
            }
        });
        treeMap2.putAll(sortedMap2);
        for (Map.Entry entry2 : treeMap2.entrySet()) {
            overlay(treeMap, (IPortRange) entry2.getKey(), (String) entry2.getValue());
        }
        if (!$assertionsDisabled && !assertNoOverlaps(treeMap)) {
            throw new AssertionError();
        }
        for (Map.Entry<? extends IPortRange, String> entry3 : sortedMap.entrySet()) {
            overlay(treeMap, entry3.getKey(), entry3.getValue());
        }
        SortedMap<IPortRange, String> coalesce = coalesce(treeMap);
        if (!$assertionsDisabled && !assertNoOverlaps((SortedMap<? extends IPortRange, String>) coalesce)) {
            throw new AssertionError();
        }
        if (logger.isLoggable(Level.FINEST)) {
            logger.finest(dumpPolicy("Policy:", (SortedMap<? extends IPortRange, String>) coalesce));
        }
        return coalesce;
    }

    private static void add(IPortRange iPortRange, String str) throws IOException {
        if (logger.isLoggable(Level.INFO)) {
            logger.info("Adding SELinux port: " + iPortRange + "=" + str);
        }
        SEManage.execSemanage("port", "-a", "-t", str, "-p", iPortRange.getProtocol().name().toLowerCase(Locale.ROOT), getPortRange(iPortRange));
    }

    private static void modify(IPortRange iPortRange, String str) throws IOException {
        logger.info("Modifying SELinux port: " + iPortRange + "=" + str);
        SEManage.execSemanage("port", "-m", "-t", str, "-p", iPortRange.getProtocol().name().toLowerCase(Locale.ROOT), getPortRange(iPortRange));
    }

    private static void delete(IPortRange iPortRange, String str) throws IOException {
        logger.info("Deleting SELinux port: " + iPortRange + "=" + str);
        SEManage.execSemanage("port", "-d", "-t", str, "-p", iPortRange.getProtocol().name().toLowerCase(Locale.ROOT), getPortRange(iPortRange));
    }

    public static boolean configure(Set<? extends IPortRange> set, String str) throws IllegalArgumentException, IllegalStateException, IOException {
        boolean z;
        SortedSet<IPortRange> findOverlaps = findOverlaps(set);
        if (!findOverlaps.isEmpty()) {
            throw new IllegalArgumentException("Port ranges overlap: " + findOverlaps);
        }
        synchronized (SEManage.semanageLock) {
            SortedMap<IPortRange, String> localPolicy = getLocalPolicy();
            TreeMap treeMap = new TreeMap();
            for (IPortRange iPortRange : set) {
                int to = iPortRange.getTo();
                for (Map.Entry<IPortRange, String> entry : localPolicy.entrySet()) {
                    IPortRange key = entry.getKey();
                    if (key.getFrom() > to) {
                        break;
                    }
                    if (iPortRange.overlaps(key)) {
                        String value = entry.getValue();
                        if (!str.equals(value)) {
                            treeMap.put(key, value);
                        }
                    }
                }
            }
            if (!treeMap.isEmpty()) {
                throw new IllegalStateException("Port ranges (" + set + ") of type " + str + " conflict with other local policy: " + treeMap);
            }
            SortedSet<IPortRange> coalesce = coalesce(new TreeSet(set));
            SortedSet<IPortRange> filterByValue = AoCollections.filterByValue(localPolicy, str);
            boolean z2 = false;
            if (!coalesce.isEmpty()) {
                SortedMap<IPortRange, String> defaultPolicy = getDefaultPolicy(localPolicy);
                for (IPortRange iPortRange2 : coalesce) {
                    String str2 = defaultPolicy.get(iPortRange2);
                    if (!str.equals(str2) && !filterByValue.contains(iPortRange2)) {
                        Iterator it = filterByValue.iterator();
                        while (it.hasNext()) {
                            IPortRange iPortRange3 = (IPortRange) it.next();
                            if (!coalesce.contains(iPortRange3) && iPortRange3.overlaps(iPortRange2)) {
                                delete(iPortRange3, str);
                                it.remove();
                            }
                        }
                        if (str2 == null) {
                            add(iPortRange2, str);
                        } else {
                            if (!$assertionsDisabled && str.equals(str2)) {
                                throw new AssertionError();
                            }
                            modify(iPortRange2, str);
                        }
                        z2 = true;
                    }
                }
            }
            for (IPortRange iPortRange4 : filterByValue) {
                if (!coalesce.contains(iPortRange4)) {
                    delete(iPortRange4, str);
                    z2 = true;
                }
            }
            z = z2;
        }
        return z;
    }

    static String getPortRange(IPortRange iPortRange) {
        int from = iPortRange.getFrom();
        int to = iPortRange.getTo();
        return from == to ? Integer.toString(from) : Integer.toString(from) + '-' + Integer.toString(to);
    }

    private SEManagePort() {
    }

    static {
        $assertionsDisabled = !SEManagePort.class.desiredAssertionStatus();
        logger = Logger.getLogger(SEManagePort.class.getName());
        listPattern = Pattern.compile("^(\\S+)\\s+(\\S+)\\s+(\\S.*)$");
        try {
            TreeMap treeMap = new TreeMap();
            treeMap.put(PortRange.valueOf(1, 511, Protocol.TCP), "reserved_port_t");
            treeMap.put(PortRange.valueOf(1, 511, Protocol.UDP), "reserved_port_t");
            treeMap.put(PortRange.valueOf(512, 1023, Protocol.TCP), "hi_reserved_port_t");
            treeMap.put(PortRange.valueOf(512, 1023, Protocol.UDP), "hi_reserved_port_t");
            treeMap.put(PortRange.valueOf(1024, 32767, Protocol.TCP), "unreserved_port_t");
            treeMap.put(PortRange.valueOf(1024, 32767, Protocol.UDP), "unreserved_port_t");
            treeMap.put(PortRange.valueOf(32768, 61000, Protocol.TCP), "ephemeral_port_t");
            treeMap.put(PortRange.valueOf(32768, 61000, Protocol.UDP), "ephemeral_port_t");
            treeMap.put(PortRange.valueOf(61001, 65535, Protocol.TCP), "unreserved_port_t");
            treeMap.put(PortRange.valueOf(61001, 65535, Protocol.UDP), "unreserved_port_t");
            if (!$assertionsDisabled && !assertNoOverlaps(treeMap)) {
                throw new AssertionError();
            }
            defaultPolicyExtensions = Collections.unmodifiableSortedMap(treeMap);
            EOL = System.getProperty("line.separator");
        } catch (ValidationException e) {
            throw new AssertionError(e);
        }
    }
}
