package eu.unicore.uftp.server;

import eu.unicore.uftp.dpc.AuthorizationFailureException;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;
import org.apache.log4j.spi.LoggingEventFieldResolver;

/* loaded from: input_file:eu/unicore/uftp/server/ACLHandler.class */
public class ACLHandler {
    private static final Logger logger = Logger.getLogger(ACLHandler.class);
    private final File aclFile;
    private final FileWatcher watchDog;
    private final boolean active;
    private final Set<String> acceptedDNs;

    public ACLHandler() throws IOException {
        this(new File("conf", "uftpd.acl"));
    }

    public ACLHandler(File file) throws IOException {
        this.acceptedDNs = new HashSet();
        this.aclFile = file;
        if (!file.exists()) {
            logger.warn("ACL not active: file <" + file + "> does not exist");
            this.active = false;
            this.watchDog = null;
        } else {
            this.active = true;
            logger.info("Using ACL file " + file);
            readACL();
            this.watchDog = new FileWatcher(file, new Runnable() { // from class: eu.unicore.uftp.server.ACLHandler.1
                @Override // java.lang.Runnable
                public void run() {
                    ACLHandler.this.readACL();
                }
            });
            this.watchDog.schedule(3000, TimeUnit.MILLISECONDS);
        }
    }

    protected void readACL() {
        synchronized (this.acceptedDNs) {
            BufferedReader bufferedReader = null;
            try {
                try {
                    bufferedReader = new BufferedReader(new FileReader(this.aclFile));
                    this.acceptedDNs.clear();
                    while (true) {
                        String readLine = bufferedReader.readLine();
                        if (readLine == null) {
                            break;
                        }
                        String trim = readLine.trim();
                        if (!trim.startsWith("#")) {
                            if (!trim.trim().equals(LoggingEventFieldResolver.EMPTY_STRING)) {
                                try {
                                    this.acceptedDNs.add(new X500Principal(trim).getName());
                                    logger.info("Allowing access for <" + trim + ">");
                                } catch (Exception e) {
                                    logger.warn("Invalid entry <" + trim + ">", e);
                                }
                            }
                        }
                    }
                } catch (Exception e2) {
                    logger.fatal("ACL file read error!", e2);
                    if (bufferedReader != null) {
                        try {
                            bufferedReader.close();
                        } catch (IOException e3) {
                        }
                    }
                }
            } finally {
                if (0 != 0) {
                    try {
                        bufferedReader.close();
                    } catch (IOException e4) {
                    }
                }
            }
        }
    }

    public void checkAccess(String str) throws AuthorizationFailureException {
        if (this.active) {
            logger.debug("Check access from " + str);
            synchronized (this.acceptedDNs) {
                if (!this.acceptedDNs.contains(str)) {
                    throw new AuthorizationFailureException("Access denied!\n\nTo allow access for this certificate, the distinguished name \n\"" + str + "\nneeds to be entered into the ACL file.\nPlease check the UFTPD's ACL file!\n\n");
                }
            }
        }
    }
}
