package org.apache.geode.internal;

import java.io.IOException;
import java.io.ObjectInputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.util.Collection;
import java.util.HashSet;
import org.apache.geode.GemFireConfigException;
import org.apache.geode.InternalGemFireError;
import org.apache.geode.InternalGemFireException;
import org.apache.geode.distributed.internal.DistributedSystemService;
import org.apache.geode.internal.logging.LogService;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:org/apache/geode/internal/ObjectInputStreamFilterWrapper.class */
public class ObjectInputStreamFilterWrapper implements InputStreamFilter {
    private static final Logger logger = LogService.getLogger();
    private boolean usingJava8;
    private Object serializationFilter;
    private Class configClass;
    private Method setObjectInputFilterMethod;
    private Method createFilterMethod;
    private Class filterClass;
    private Object ALLOWED;
    private Object REJECTED;
    private Method checkInputMethod;
    private Class filterInfoClass;
    private Method serialClassMethod;

    public ObjectInputStreamFilterWrapper(String str, Collection<DistributedSystemService> collection) {
        HashSet hashSet = new HashSet(500);
        for (DistributedSystemService distributedSystemService : collection) {
            try {
                Collection<String> serializationAcceptlist = distributedSystemService.getSerializationAcceptlist();
                logger.info("loaded {} sanctioned serializables from {}", Integer.valueOf(serializationAcceptlist.size()), distributedSystemService.getClass().getSimpleName());
                hashSet.addAll(serializationAcceptlist);
            } catch (IOException e) {
                throw new InternalGemFireException("error initializing serialization filter for " + distributedSystemService, e);
            }
        }
        try {
            Collection<String> loadClassNames = InternalDataSerializer.loadClassNames(ClassPathLoader.getLatest().getResource(InternalDataSerializer.class, "sanctioned-geode-core-serializables.txt"));
            Collection<String> loadClassNames2 = InternalDataSerializer.loadClassNames(ClassPathLoader.getLatest().getResource(InternalDataSerializer.class, "sanctioned-geode-management-serializables.txt"));
            hashSet.addAll(loadClassNames);
            hashSet.addAll(loadClassNames2);
            logger.info("setting a serialization filter containing {}", str);
            if (createJava8Filter(str, hashSet)) {
                return;
            }
            createJava9Filter(str, hashSet);
        } catch (IOException e2) {
            throw new InternalGemFireException("unable to read sanctionedSerializables.txt to form a serialization acceptlist", e2);
        }
    }

    @Override // org.apache.geode.internal.InputStreamFilter
    public void setFilterOn(ObjectInputStream objectInputStream) {
        try {
            if (this.usingJava8) {
                this.setObjectInputFilterMethod.invoke(this.configClass, objectInputStream, this.serializationFilter);
            } else {
                this.setObjectInputFilterMethod.invoke(objectInputStream, this.serializationFilter);
            }
        } catch (IllegalAccessException | InvocationTargetException e) {
            throw new InternalGemFireError("Unable to filter serialization", e);
        }
    }

    private boolean createJava8Filter(String str, Collection<String> collection) {
        ClassPathLoader latest = ClassPathLoader.getLatest();
        try {
            this.filterInfoClass = latest.forName("sun.misc.ObjectInputFilter$FilterInfo");
            this.serialClassMethod = this.filterInfoClass.getDeclaredMethod("serialClass", new Class[0]);
            this.filterClass = latest.forName("sun.misc.ObjectInputFilter");
            this.checkInputMethod = this.filterClass.getDeclaredMethod("checkInput", this.filterInfoClass);
            Class<?> forName = latest.forName("sun.misc.ObjectInputFilter$Status");
            this.ALLOWED = forName.getEnumConstants()[1];
            this.REJECTED = forName.getEnumConstants()[2];
            if (!this.ALLOWED.toString().equals("ALLOWED") || !this.REJECTED.toString().equals("REJECTED")) {
                throw new GemFireConfigException("ObjectInputFilter$Status enumeration in this JDK is not as expected");
            }
            this.configClass = latest.forName("sun.misc.ObjectInputFilter$Config");
            this.setObjectInputFilterMethod = this.configClass.getDeclaredMethod("setObjectInputFilter", ObjectInputStream.class, this.filterClass);
            this.createFilterMethod = this.configClass.getDeclaredMethod("createFilter", String.class);
            this.serializationFilter = createSerializationFilter(str, collection);
            this.usingJava8 = true;
            return true;
        } catch (ClassNotFoundException | IllegalAccessException | NoSuchMethodException | InvocationTargetException e) {
            if (this.filterInfoClass != null) {
                throw new GemFireConfigException("A serialization filter has been specified but Geode was unable to configure a filter", e);
            }
            return false;
        }
    }

    private void createJava9Filter(String str, Collection<String> collection) {
        try {
            ClassPathLoader latest = ClassPathLoader.getLatest();
            this.filterInfoClass = latest.forName("java.io.ObjectInputFilter$FilterInfo");
            this.serialClassMethod = this.filterInfoClass.getDeclaredMethod("serialClass", new Class[0]);
            this.filterClass = latest.forName("java.io.ObjectInputFilter");
            this.checkInputMethod = this.filterClass.getDeclaredMethod("checkInput", this.filterInfoClass);
            Class<?> forName = latest.forName("java.io.ObjectInputFilter$Status");
            this.ALLOWED = forName.getEnumConstants()[1];
            this.REJECTED = forName.getEnumConstants()[2];
            if (!this.ALLOWED.toString().equals("ALLOWED") || !this.REJECTED.toString().equals("REJECTED")) {
                throw new GemFireConfigException("ObjectInputFilter$Status enumeration in this JDK is not as expected");
            }
            this.configClass = latest.forName("java.io.ObjectInputFilter$Config");
            this.setObjectInputFilterMethod = ObjectInputStream.class.getDeclaredMethod("setObjectInputFilter", this.filterClass);
            this.createFilterMethod = this.configClass.getDeclaredMethod("createFilter", String.class);
            this.serializationFilter = createSerializationFilter(str, collection);
        } catch (ClassNotFoundException | IllegalAccessException | NoSuchMethodException | InvocationTargetException e) {
            throw new GemFireConfigException("A serialization filter has been specified but Geode was unable to configure a filter", e);
        }
    }

    private Object createSerializationFilter(String str, Collection<String> collection) throws InvocationTargetException, IllegalAccessException {
        Object invoke = this.createFilterMethod.invoke(null, str);
        return Proxy.newProxyInstance(ClassPathLoader.getLatest().asClassLoader(), new Class[]{this.filterClass}, (obj, method, objArr) -> {
            String name = method.getName();
            boolean z = -1;
            switch (name.hashCode()) {
                case -538810462:
                    if (name.equals("checkInput")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    Object obj = objArr[0];
                    Class cls = (Class) this.serialClassMethod.invoke(obj, new Object[0]);
                    if (cls == null) {
                        return this.checkInputMethod.invoke(invoke, obj);
                    }
                    String name2 = cls.getName();
                    if (cls.isArray()) {
                        name2 = cls.getComponentType().getName();
                    }
                    if (collection.contains(name2)) {
                        return this.ALLOWED;
                    }
                    Object invoke2 = this.checkInputMethod.invoke(invoke, obj);
                    if (invoke2 == this.REJECTED) {
                        logger.fatal("Serialization filter is rejecting class {}", name2, new Exception(""));
                    }
                    return invoke2;
                default:
                    throw new UnsupportedOperationException("ObjectInputFilter." + method.getName() + " is not implemented");
            }
        });
    }
}
