package sun.applet;

import java.io.File;
import java.io.FileDescriptor;
import java.io.IOException;
import java.net.InetAddress;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.IdentityScope;
import java.util.Hashtable;
import java.util.StringTokenizer;
import java.util.Vector;
import sun.security.provider.IdentityDatabase;
import sun.security.provider.SystemIdentity;
import sun.security.provider.SystemSigner;

/* loaded from: input_file:sun/applet/AppletSecurity.class */
public class AppletSecurity extends SecurityManager {
    private static final boolean debug = false;
    static final int NETWORK_NONE = 1;
    static final int NETWORK_HOST = 2;
    static final int NETWORK_UNRESTRICTED = 3;
    private static final int PRIVELEGED_PORT = 1024;
    boolean initACL;
    String[] readACL;
    String[] writeACL;
    int networkMode;
    IdentityScope scope;
    Hashtable loadedClasses;

    public AppletSecurity() {
        reset();
    }

    public void reset() {
        String property = System.getProperty("appletviewer.security.mode");
        if (property == null) {
            property = "host";
        }
        if (property.equals("unrestricted")) {
            this.networkMode = 3;
        } else if (property.equals("none")) {
            this.networkMode = 1;
        } else {
            this.networkMode = 2;
        }
        IdentityScope systemScope = IdentityScope.getSystemScope();
        if (systemScope instanceof IdentityDatabase) {
            this.scope = (IdentityDatabase) systemScope;
        }
        this.loadedClasses = new Hashtable();
    }

    boolean fromApplet() {
        return classLoaderDepth() == 1;
    }

    protected boolean assessTrust(Object[] objArr) {
        for (int i = 0; i < objArr.length; i++) {
            if (objArr[i] instanceof SystemIdentity) {
                if (((SystemIdentity) objArr[i]).isTrusted()) {
                    return true;
                }
            } else if ((objArr[i] instanceof SystemSigner) && ((SystemSigner) objArr[i]).isTrusted()) {
                return true;
            }
        }
        return false;
    }

    boolean inApplet() {
        return inClassLoader();
    }

    @Override // java.lang.SecurityManager
    public Object getSecurityContext() {
        ClassLoader currentClassLoader = currentClassLoader();
        if (currentClassLoader == null) {
            return null;
        }
        if (currentClassLoader instanceof AppletClassLoader) {
            return ((AppletClassLoader) currentClassLoader).base;
        }
        throw new AppletSecurityException("getsecuritycontext.unknown");
    }

    @Override // java.lang.SecurityManager
    public synchronized boolean getInCheck() {
        return super.getInCheck();
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkCreateClassLoader() {
        if (classLoaderDepth() == 2) {
            throw new AppletSecurityException("checkcreateclassloader");
        }
    }

    protected boolean inThreadGroup(ThreadGroup threadGroup) {
        ClassLoader currentClassLoader = currentClassLoader();
        if (currentClassLoader instanceof AppletClassLoader) {
            return ((AppletClassLoader) currentClassLoader).getThreadGroup().parentOf(threadGroup);
        }
        return false;
    }

    protected boolean inThreadGroup(Thread thread) {
        return inThreadGroup(thread.getThreadGroup());
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkAccess(Thread thread) {
        if (classLoaderDepth() == 3 && !inThreadGroup(thread)) {
            throw new AppletSecurityException("checkaccess.thread");
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkAccess(ThreadGroup threadGroup) {
        if (classLoaderDepth() == 4 && !inThreadGroup(threadGroup)) {
            throw new AppletSecurityException("checkaccess.threadgroup", threadGroup.toString());
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkExit(int i) {
        if (inApplet()) {
            throw new AppletSecurityException("checkexit", String.valueOf(i));
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkExec(String str) {
        if (inApplet()) {
            throw new AppletSecurityException("checkexec", str);
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkLink(String str) {
        switch (classLoaderDepth()) {
            case 2:
            case 3:
                throw new AppletSecurityException("checklink", str);
            default:
                return;
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkPropertiesAccess() {
        if (classLoaderDepth() == 2) {
            throw new AppletSecurityException("checkpropsaccess");
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkPropertyAccess(String str) {
        if (classLoaderDepth() == 2) {
            String property = System.getProperty(new StringBuffer(String.valueOf(str)).append(".applet").toString());
            if (!new Boolean(property).booleanValue()) {
                throw new AppletSecurityException("checkpropsaccess.key", property);
            }
        }
    }

    void parseACL(Vector vector, String str, String str2) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, System.getProperty("path.separator"));
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken.startsWith("~")) {
                vector.addElement(new StringBuffer(String.valueOf(System.getProperty("user.home"))).append(nextToken.substring(1)).toString());
            } else if (!nextToken.equals("+")) {
                vector.addElement(nextToken);
            } else if (str2 != null) {
                parseACL(vector, str2, null);
            }
        }
    }

    String[] parseACL(String str, String str2) {
        if (str == null) {
            return new String[0];
        }
        if (str.equals("*")) {
            return null;
        }
        Vector vector = new Vector();
        parseACL(vector, str, str2);
        String[] strArr = new String[vector.size()];
        vector.copyInto(strArr);
        return strArr;
    }

    void initializeACLs() {
        this.readACL = parseACL(System.getProperty("acl.read"), System.getProperty("acl.read.default"));
        this.writeACL = parseACL(System.getProperty("acl.write"), System.getProperty("acl.write.default"));
        this.initACL = true;
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkRead(String str) {
        ClassLoader currentClassLoader = currentClassLoader();
        if (currentClassLoader == null) {
            return;
        }
        if (!(currentClassLoader instanceof AppletClassLoader)) {
            throw new AppletSecurityException("checkread.unknown", str);
        }
        AppletClassLoader appletClassLoader = (AppletClassLoader) currentClassLoader;
        if (!(appletClassLoader.getResourceLoader().loadOnDemand() && inApplet() && inClass("sun.applet.AppletResourceLoader") && classDepth("sun.applet.AppletResourceLoader") >= 3) && classDepth("sun.applet.JARCache") <= 1) {
            checkRead(str, appletClassLoader.base);
        }
    }

    public synchronized void checkRead(String str, URL url) {
        if (url != null) {
            if (!this.initACL) {
                initializeACLs();
            }
            if (this.readACL == null) {
                return;
            }
            try {
                String canonicalPath = new File(str).getCanonicalPath();
                int length = this.readACL.length;
                do {
                    int i = length;
                    length--;
                    if (i <= 0) {
                        String host = url.getHost();
                        if (url.getProtocol().equals("file") && (host == null || host.equals("") || host.equals("~") || host.equals("localhost"))) {
                            try {
                                if (canonicalPath.startsWith(new File(url.getFile()).getCanonicalPath())) {
                                    return;
                                }
                            } catch (IOException e) {
                                throw new AppletSecurityException("checkread.exception2", e.toString());
                            }
                        }
                        throw new AppletSecurityException("checkread", str, canonicalPath);
                    }
                } while (!canonicalPath.startsWith(this.readACL[length]));
            } catch (IOException e2) {
                throw new AppletSecurityException("checkread.exception1", e2.getMessage(), str);
            }
        }
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str, Object obj) {
        checkRead(str);
        if (obj != null) {
            checkRead(str, (URL) obj);
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkWrite(String str) {
        ClassLoader currentClassLoader = currentClassLoader();
        if (!((currentClassLoader instanceof AppletClassLoader) && ((AppletClassLoader) currentClassLoader).getResourceLoader().loadOnDemand() && inApplet() && inClass("sun.applet.AppletResourceLoader") && classDepth("sun.applet.AppletResourceLoader") >= 4) && classDepth("sun.applet.JARCache") <= 1 && inApplet()) {
            if (!this.initACL) {
                initializeACLs();
            }
            if (this.writeACL == null) {
                return;
            }
            try {
                String canonicalPath = new File(str).getCanonicalPath();
                int length = this.writeACL.length;
                do {
                    int i = length;
                    length--;
                    if (i <= 0) {
                        throw new AppletSecurityException("checkwrite", str, canonicalPath);
                    }
                } while (!canonicalPath.startsWith(this.writeACL[length]));
            } catch (IOException e) {
                throw new AppletSecurityException("checkwrite.exception", e.getMessage(), str);
            }
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkDelete(String str) {
        checkWrite(str);
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkRead(FileDescriptor fileDescriptor) {
        if ((inApplet() && !inClass("java.net.SocketInputStream")) || !fileDescriptor.valid()) {
            throw new AppletSecurityException("checkread.fd");
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkWrite(FileDescriptor fileDescriptor) {
        if ((inApplet() && !inClass("java.net.SocketOutputStream")) || !fileDescriptor.valid()) {
            throw new AppletSecurityException("checkwrite.fd");
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkListen(int i) {
        if (inApplet() && i > 0 && i < 1024) {
            throw new AppletSecurityException("checklisten", String.valueOf(i));
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkAccept(String str, int i) {
        if (inApplet() && i < 1024) {
            throw new AppletSecurityException("checkaccept", str, String.valueOf(i));
        }
        checkConnect(str, i);
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkConnect(String str, int i) {
        ClassLoader currentClassLoader = currentClassLoader();
        if (currentClassLoader != null && classDepth("sun.net.www.http.HttpClient") <= 1) {
            if (!(currentClassLoader instanceof AppletClassLoader)) {
                throw new AppletSecurityException("checkconnect.unknown");
            }
            checkConnect(((AppletClassLoader) currentClassLoader).base.getHost(), str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkConnect(String str, int i, Object obj) {
        checkConnect(str, i);
        if (obj != null) {
            checkConnect(((URL) obj).getHost(), str);
        }
    }

    public synchronized void checkConnect(String str, String str2, boolean z) {
        if (str == null) {
            return;
        }
        switch (this.networkMode) {
            case 1:
                throw new AppletSecurityException("checkconnect.networknone", str, str2);
            case 2:
                try {
                    this.inCheck = true;
                    if (!str.equals(str2)) {
                        try {
                            if (!InetAddress.getByName(str).equals(InetAddress.getByName(str2))) {
                                throw new AppletSecurityException("checkconnect.networkhost1", str2, str);
                            }
                            this.inCheck = false;
                            return;
                        } catch (UnknownHostException unused) {
                            throw new AppletSecurityException("checkconnect.networkhost2", str2, str);
                        }
                    }
                    try {
                        InetAddress.getByName(str2);
                        this.inCheck = false;
                        return;
                    } catch (UnknownHostException unused2) {
                        if (!z) {
                            throw new AppletSecurityException("checkconnect.networkhost3", str2);
                        }
                        this.inCheck = false;
                        return;
                    }
                } catch (Throwable th) {
                    this.inCheck = false;
                    throw th;
                }
                this.inCheck = false;
                throw th;
            case 3:
                return;
            default:
                throw new AppletSecurityException("checkconnect", str, str2);
        }
    }

    public synchronized void checkConnect(String str, String str2) {
        checkConnect(str, str2, Boolean.getBoolean("trustProxy"));
    }

    @Override // java.lang.SecurityManager
    public void checkMulticast(InetAddress inetAddress) {
        if (inApplet()) {
            throw new AppletSecurityException("checkMulticast");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkMulticast(InetAddress inetAddress, byte b) {
        if (inApplet()) {
            throw new AppletSecurityException("checkMulticast");
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized boolean checkTopLevelWindow(Object obj) {
        return !inClassLoader();
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkPackageAccess(String str) {
        if (!inClassLoader()) {
            return;
        }
        int indexOf = str.indexOf(46);
        while (true) {
            int i = indexOf;
            if (i <= 0) {
                return;
            }
            if (Boolean.getBoolean(new StringBuffer("package.restrict.access.").append(str.substring(0, i)).toString())) {
                throw new AppletSecurityException("checkpackageaccess", str);
            }
            indexOf = str.indexOf(46, i + 1);
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkPackageDefinition(String str) {
        if (!inClassLoader()) {
            return;
        }
        int indexOf = str.indexOf(46);
        while (true) {
            int i = indexOf;
            if (i <= 0) {
                return;
            }
            if (Boolean.getBoolean(new StringBuffer("package.restrict.definition.").append(str.substring(0, i)).toString())) {
                throw new AppletSecurityException("checkpackagedefinition", str);
            }
            indexOf = str.indexOf(46, i + 1);
        }
    }

    @Override // java.lang.SecurityManager
    public synchronized void checkSetFactory() {
        if (inApplet() && !inClass("sun.net.www.MimeTable")) {
            throw new AppletSecurityException("cannotsetfactory");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkMemberAccess(Class cls, int i) {
        ClassLoader currentClassLoader;
        if (i != 0 && (currentClassLoader = currentClassLoader()) != null && classLoaderDepth() <= 3 && currentClassLoader != cls.getClassLoader()) {
            throw new AppletSecurityException("checkmemberaccess");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPrintJobAccess() {
        if (inApplet()) {
            throw new AppletSecurityException("checkgetprintjob");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkSystemClipboardAccess() {
        if (inApplet()) {
            throw new AppletSecurityException("checksystemclipboardaccess");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkAwtEventQueueAccess() {
        if (inApplet()) {
            throw new AppletSecurityException("checkawteventqueueaccess");
        }
    }

    @Override // java.lang.SecurityManager
    public void checkSecurityAccess(String str) {
        ClassLoader currentClassLoader = currentClassLoader();
        if (!((currentClassLoader instanceof AppletClassLoader) && ((AppletClassLoader) currentClassLoader).getResourceLoader().loadOnDemand() && inApplet() && inClass("sun.applet.AppletResourceLoader") && classDepth("sun.applet.AppletResourceLoader") >= 3) && inApplet()) {
            throw new AppletSecurityException("checksecurityaccess", str);
        }
    }

    @Override // java.lang.SecurityManager
    public ThreadGroup getThreadGroup() {
        ClassLoader currentClassLoader = currentClassLoader();
        return (currentClassLoader == null || !(currentClassLoader instanceof AppletClassLoader)) ? super.getThreadGroup() : ((AppletClassLoader) currentClassLoader).getThreadGroup();
    }

    public void debug(String str) {
    }
}
