package org.apache.logging.log4j.core.net;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import java.util.concurrent.TimeUnit;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.logging.log4j.core.appender.AbstractManager;
import org.apache.logging.log4j.core.appender.ManagerFactory;
import org.apache.logging.log4j.core.util.JndiCloser;
import org.apache.logging.log4j.core.util.NetUtils;
import org.apache.logging.log4j.util.PropertiesUtil;

/* loaded from: input_file:META-INF/bundled-dependencies/log4j-core-2.16.0.jar:org/apache/logging/log4j/core/net/JndiManager.class */
public class JndiManager extends AbstractManager {
    public static final String ALLOWED_HOSTS = "allowedLdapHosts";
    public static final String ALLOWED_CLASSES = "allowedLdapClasses";
    public static final String ALLOWED_PROTOCOLS = "allowedJndiProtocols";
    private static final String PREFIX = "log4j2.";
    private static final String LDAP = "ldap";
    private static final String SERIALIZED_DATA = "javaSerializedData";
    private static final String CLASS_NAME = "javaClassName";
    private static final String REFERENCE_ADDRESS = "javaReferenceAddress";
    private static final String OBJECT_FACTORY = "javaFactory";
    private final List<String> allowedHosts;
    private final List<String> allowedClasses;
    private final List<String> allowedProtocols;
    private final DirContext context;
    private static final JndiManagerFactory FACTORY = new JndiManagerFactory();
    private static final List<String> permanentAllowedHosts = NetUtils.getLocalIps();
    private static final List<String> permanentAllowedClasses = Arrays.asList(Boolean.class.getName(), Byte.class.getName(), Character.class.getName(), Double.class.getName(), Float.class.getName(), Integer.class.getName(), Long.class.getName(), Short.class.getName(), String.class.getName());
    private static final String JAVA = "java";
    private static final String LDAPS = "ldaps";
    private static final List<String> permanentAllowedProtocols = Arrays.asList(JAVA, "ldap", LDAPS);

    /* loaded from: input_file:META-INF/bundled-dependencies/log4j-core-2.16.0.jar:org/apache/logging/log4j/core/net/JndiManager$JndiManagerFactory.class */
    private static class JndiManagerFactory implements ManagerFactory<JndiManager, Properties> {
        private JndiManagerFactory() {
        }

        @Override // org.apache.logging.log4j.core.appender.ManagerFactory
        public JndiManager createManager(String str, Properties properties) {
            if (!JndiManager.isJndiEnabled()) {
                return new JndiManager(str);
            }
            String property = properties != null ? properties.getProperty(JndiManager.ALLOWED_HOSTS) : null;
            String property2 = properties != null ? properties.getProperty(JndiManager.ALLOWED_CLASSES) : null;
            String property3 = properties != null ? properties.getProperty(JndiManager.ALLOWED_PROTOCOLS) : null;
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            ArrayList arrayList3 = new ArrayList();
            addAll(property, arrayList, JndiManager.permanentAllowedHosts, JndiManager.ALLOWED_HOSTS, properties);
            addAll(property2, arrayList2, JndiManager.permanentAllowedClasses, JndiManager.ALLOWED_CLASSES, properties);
            addAll(property3, arrayList3, JndiManager.permanentAllowedProtocols, JndiManager.ALLOWED_PROTOCOLS, properties);
            try {
                return new JndiManager(str, new InitialDirContext(properties), arrayList, arrayList2, arrayList3);
            } catch (NamingException e) {
                JndiManager.LOGGER.error("Error creating JNDI InitialContext.", e);
                return null;
            }
        }

        private void addAll(String str, List<String> list, List<String> list2, String str2, Properties properties) {
            if (str != null) {
                list.addAll(Arrays.asList(str.split("\\s*,\\s*")));
                properties.remove(str2);
            }
            String stringProperty = PropertiesUtil.getProperties().getStringProperty(JndiManager.PREFIX + str2);
            if (stringProperty != null) {
                list.addAll(Arrays.asList(stringProperty.split("\\s*,\\s*")));
            }
            list.addAll(list2);
        }
    }

    public static boolean isJndiEnabled() {
        return PropertiesUtil.getProperties().getBooleanProperty("log4j2.enableJndi", false);
    }

    private JndiManager(String str, DirContext dirContext, List<String> list, List<String> list2, List<String> list3) {
        super(null, str);
        this.context = dirContext;
        this.allowedHosts = list;
        this.allowedClasses = list2;
        this.allowedProtocols = list3;
    }

    private JndiManager(String str) {
        super(null, str);
        this.context = null;
        this.allowedProtocols = null;
        this.allowedClasses = null;
        this.allowedHosts = null;
    }

    public static JndiManager getDefaultManager() {
        return (JndiManager) getManager(JndiManager.class.getName(), FACTORY, null);
    }

    public static JndiManager getDefaultManager(String str) {
        return (JndiManager) getManager(str, FACTORY, null);
    }

    public static JndiManager getJndiManager(String str, String str2, String str3, String str4, String str5, Properties properties) {
        return (JndiManager) getManager(createManagerName(), FACTORY, createProperties(str, str2, str3, str4, str5, properties));
    }

    public static JndiManager getJndiManager(Properties properties) {
        return (JndiManager) getManager(createManagerName(), FACTORY, properties);
    }

    private static String createManagerName() {
        return JndiManager.class.getName() + '@' + JndiManager.class.hashCode();
    }

    public static Properties createProperties(String str, String str2, String str3, String str4, String str5, Properties properties) {
        if (str == null) {
            return null;
        }
        Properties properties2 = new Properties();
        properties2.setProperty("java.naming.factory.initial", str);
        if (str2 != null) {
            properties2.setProperty("java.naming.provider.url", str2);
        } else {
            LOGGER.warn("The JNDI InitialContextFactory class name [{}] was provided, but there was no associated provider URL. This is likely to cause problems.", str);
        }
        if (str3 != null) {
            properties2.setProperty("java.naming.factory.url.pkgs", str3);
        }
        if (str4 != null) {
            properties2.setProperty("java.naming.security.principal", str4);
            if (str5 != null) {
                properties2.setProperty("java.naming.security.credentials", str5);
            } else {
                LOGGER.warn("A security principal [{}] was provided, but with no corresponding security credentials.", str4);
            }
        }
        if (properties != null) {
            properties2.putAll(properties);
        }
        return properties2;
    }

    @Override // org.apache.logging.log4j.core.appender.AbstractManager
    protected boolean releaseSub(long j, TimeUnit timeUnit) {
        if (this.context != null) {
            return JndiCloser.closeSilently(this.context);
        }
        return true;
    }

    public synchronized <T> T lookup(String str) throws NamingException {
        if (this.context == null) {
            return null;
        }
        try {
            URI uri = new URI(str);
            if (uri.getScheme() != null) {
                if (!this.allowedProtocols.contains(uri.getScheme().toLowerCase(Locale.ROOT))) {
                    LOGGER.warn("Log4j JNDI does not allow protocol {}", uri.getScheme());
                    return null;
                }
                if ("ldap".equalsIgnoreCase(uri.getScheme()) || LDAPS.equalsIgnoreCase(uri.getScheme())) {
                    if (!this.allowedHosts.contains(uri.getHost())) {
                        LOGGER.warn("Attempt to access ldap server not in allowed list");
                        return null;
                    }
                    Attributes attributes = this.context.getAttributes(str);
                    if (attributes != null) {
                        HashMap hashMap = new HashMap();
                        NamingEnumeration all = attributes.getAll();
                        while (all.hasMore()) {
                            Attribute attribute = (Attribute) all.next();
                            hashMap.put(attribute.getID(), attribute);
                        }
                        Attribute attribute2 = (Attribute) hashMap.get("javaClassName");
                        if (hashMap.get(SERIALIZED_DATA) != null) {
                            if (attribute2 == null) {
                                LOGGER.warn("No class name provided for {}", str);
                                return null;
                            }
                            String obj = attribute2.get().toString();
                            if (!this.allowedClasses.contains(obj)) {
                                LOGGER.warn("Deserialization of {} is not allowed", obj);
                                return null;
                            }
                        } else if (hashMap.get(REFERENCE_ADDRESS) != null || hashMap.get(OBJECT_FACTORY) != null) {
                            LOGGER.warn("Referenceable class is not allowed for {}", str);
                            return null;
                        }
                    }
                }
            }
            return (T) this.context.lookup(str);
        } catch (URISyntaxException e) {
            LOGGER.warn("Invalid JNDI URI - {}", str);
            return null;
        }
    }

    public String toString() {
        return "JndiManager [context=" + this.context + ", count=" + this.count + DefaultExpressionEngine.DEFAULT_ATTRIBUTE_END;
    }
}
