package weblogic.t3.srvr;

import java.security.AccessController;
import weblogic.kernel.KernelStatus;
import weblogic.kernel.T3SrvrLogger;
import weblogic.management.configuration.MachineMBean;
import weblogic.management.configuration.UnixMachineMBean;
import weblogic.management.provider.ManagementService;
import weblogic.platform.OperatingSystem;
import weblogic.platform.Unix;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.utils.Debug;
import weblogic.utils.DebugCategory;

/* loaded from: input_file:weblogic/t3/srvr/SetUIDRendezvous.class */
public final class SetUIDRendezvous {
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private static final DebugCategory dbg = Debug.getCategory("weblogic.DebugSetUID");
    private static final SetUIDRendezvous singleton = new SetUIDRendezvous();
    private boolean canSwitchUsers;
    private final String privilegedUser;
    private final String privilegedGroup;
    private final OperatingSystem os = OperatingSystem.getOS();
    private final String unPrivilegedUser = getNonPrivUser();
    private final String unPrivilegedGroup = getNonPrivGroup();

    private SetUIDRendezvous() {
        String str = null;
        String str2 = null;
        if ((this.unPrivilegedUser != null || this.unPrivilegedGroup != null) && (this.os instanceof Unix) && KernelStatus.isServer()) {
            str = this.os.getUser();
            str2 = this.os.getGroup();
            if (str != null || str2 != null) {
                this.canSwitchUsers = true;
            }
        }
        this.privilegedUser = str;
        this.privilegedGroup = str2;
    }

    public static synchronized void initialize() {
        if (dbg.isEnabled()) {
            T3SrvrLogger.logDebugSetUID("current user=" + singleton.privilegedUser + " current group=" + singleton.privilegedGroup + " target user=" + singleton.unPrivilegedUser + " target group=" + singleton.unPrivilegedGroup + " canSwithUsers=" + singleton.canSwitchUsers);
        }
        singleton.makeUnPrivileged();
    }

    public static synchronized void finish() {
        singleton.makePrivileged();
        singleton.makeUnPrivilegedFinal();
        if (dbg.isEnabled()) {
            T3SrvrLogger.logDebugSetUID("switching uid/gid done.");
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:16:0x0042, code lost:
    
        if (weblogic.t3.srvr.SetUIDRendezvous.dbg.isEnabled() == false) goto L15;
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x0045, code lost:
    
        weblogic.kernel.T3SrvrLogger.logDebugSetUID("Done action " + r3);
     */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x005c, code lost:
    
        weblogic.t3.srvr.SetUIDRendezvous.singleton.makeUnPrivileged();
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x003a, code lost:
    
        throw r5;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static synchronized java.lang.Throwable doPrivileged(java.security.PrivilegedAction r3) {
        /*
            weblogic.t3.srvr.SetUIDRendezvous r0 = weblogic.t3.srvr.SetUIDRendezvous.singleton     // Catch: java.lang.Throwable -> L35
            r0.makePrivileged()     // Catch: java.lang.Throwable -> L35
            weblogic.utils.DebugCategory r0 = weblogic.t3.srvr.SetUIDRendezvous.dbg     // Catch: java.lang.Throwable -> L35
            boolean r0 = r0.isEnabled()     // Catch: java.lang.Throwable -> L35
            if (r0 == 0) goto L26
            java.lang.StringBuilder r0 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L35
            r1 = r0
            r1.<init>()     // Catch: java.lang.Throwable -> L35
            java.lang.String r1 = "Running action "
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Throwable -> L35
            r1 = r3
            java.lang.StringBuilder r0 = r0.append(r1)     // Catch: java.lang.Throwable -> L35
            java.lang.String r0 = r0.toString()     // Catch: java.lang.Throwable -> L35
            java.lang.String r0 = weblogic.kernel.T3SrvrLogger.logDebugSetUID(r0)     // Catch: java.lang.Throwable -> L35
        L26:
            r0 = r3
            java.lang.Object r0 = r0.run()     // Catch: java.lang.Throwable -> L35
            java.lang.Throwable r0 = (java.lang.Throwable) r0     // Catch: java.lang.Throwable -> L35
            r4 = r0
            r0 = jsr -> L3b
        L33:
            r1 = r4
            return r1
        L35:
            r5 = move-exception
            r0 = jsr -> L3b
        L39:
            r1 = r5
            throw r1
        L3b:
            r6 = r0
            weblogic.utils.DebugCategory r0 = weblogic.t3.srvr.SetUIDRendezvous.dbg
            boolean r0 = r0.isEnabled()
            if (r0 == 0) goto L5c
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            r1 = r0
            r1.<init>()
            java.lang.String r1 = "Done action "
            java.lang.StringBuilder r0 = r0.append(r1)
            r1 = r3
            java.lang.StringBuilder r0 = r0.append(r1)
            java.lang.String r0 = r0.toString()
            java.lang.String r0 = weblogic.kernel.T3SrvrLogger.logDebugSetUID(r0)
        L5c:
            weblogic.t3.srvr.SetUIDRendezvous r0 = weblogic.t3.srvr.SetUIDRendezvous.singleton
            r0.makeUnPrivileged()
            ret r6
        */
        throw new UnsupportedOperationException("Method not decompiled: weblogic.t3.srvr.SetUIDRendezvous.doPrivileged(java.security.PrivilegedAction):java.lang.Throwable");
    }

    private void setUser(String str) {
        if (str == null || str.length() == 0) {
            return;
        }
        try {
            this.os.setUser(str);
            T3SrvrLogger.logSwitchedToUser(str);
        } catch (IllegalArgumentException e) {
            T3SrvrLogger.logCantSwitchToUser(str, e);
        }
    }

    private void setGroup(String str) {
        if (str == null || str.length() == 0) {
            return;
        }
        try {
            this.os.setGroup(str);
            T3SrvrLogger.logSwitchedToGroup(str);
        } catch (IllegalArgumentException e) {
            T3SrvrLogger.logCantSwitchToGroup(str, e);
        }
    }

    private void setEUser(String str) {
        if (str == null || str.length() == 0) {
            return;
        }
        if (dbg.isEnabled()) {
            T3SrvrLogger.logDebugSetUID("Switching user to " + str);
        }
        try {
            this.os.setEffectiveUser(str);
            if (dbg.isEnabled()) {
                T3SrvrLogger.logDebugSetUID("Switched user to " + str);
            }
        } catch (IllegalArgumentException e) {
            T3SrvrLogger.logCantSwitchToUser(str, e);
        }
    }

    private void setEGroup(String str) {
        if (str == null || str.length() == 0) {
            return;
        }
        if (dbg.isEnabled()) {
            T3SrvrLogger.logDebugSetUID("Switching group to " + str);
        }
        try {
            this.os.setEffectiveGroup(str);
            if (dbg.isEnabled()) {
                T3SrvrLogger.logDebugSetUID("Switched group to " + str);
            }
        } catch (IllegalArgumentException e) {
            T3SrvrLogger.logCantSwitchToGroup(str, e);
        }
    }

    private void makeUnPrivilegedFinal() {
        if (this.canSwitchUsers) {
            this.canSwitchUsers = false;
            setGroup(this.unPrivilegedGroup);
            setUser(this.unPrivilegedUser);
            verifyReal(this.unPrivilegedGroup, this.unPrivilegedUser);
        }
    }

    private void makeUnPrivileged() {
        if (this.canSwitchUsers) {
            setEGroup(this.unPrivilegedGroup);
            setEUser(this.unPrivilegedUser);
            verifyEffective(this.unPrivilegedGroup, this.unPrivilegedUser);
        }
    }

    private void makePrivileged() {
        if (this.canSwitchUsers) {
            setEGroup(this.privilegedGroup);
            setEUser(this.privilegedUser);
            verifyEffective(this.privilegedGroup, this.privilegedUser);
        }
    }

    private void verifyEffective(String str, String str2) {
        if (str != null) {
            String effectiveGroup = this.os.getEffectiveGroup();
            if (!str.equals(effectiveGroup)) {
                throw new AssertionError(str + "!=" + effectiveGroup);
            }
        }
        if (str2 != null) {
            String effectiveUser = this.os.getEffectiveUser();
            if (!str2.equals(effectiveUser)) {
                throw new AssertionError(str2 + " != " + effectiveUser);
            }
        }
    }

    private void verifyReal(String str, String str2) {
        if (str != null) {
            String group = this.os.getGroup();
            if (!str.equals(group)) {
                throw new AssertionError(str + "!=" + group);
            }
        }
        if (str2 != null) {
            String user = this.os.getUser();
            if (!str2.equals(user)) {
                throw new AssertionError(str2 + " != " + user);
            }
        }
    }

    private static String getNonPrivUser() {
        if (!KernelStatus.isServer()) {
            return null;
        }
        String str = null;
        MachineMBean machine = ManagementService.getRuntimeAccess(kernelId).getServer().getMachine();
        if (machine != null && (machine instanceof UnixMachineMBean)) {
            UnixMachineMBean unixMachineMBean = (UnixMachineMBean) machine;
            if (unixMachineMBean.isPostBindUIDEnabled()) {
                str = unixMachineMBean.getPostBindUID();
            }
        }
        return str;
    }

    private static String getNonPrivGroup() {
        if (!KernelStatus.isServer()) {
            return null;
        }
        String str = null;
        MachineMBean machine = ManagementService.getRuntimeAccess(kernelId).getServer().getMachine();
        if (machine != null && (machine instanceof UnixMachineMBean)) {
            UnixMachineMBean unixMachineMBean = (UnixMachineMBean) machine;
            if (unixMachineMBean.isPostBindGIDEnabled()) {
                str = unixMachineMBean.getPostBindGID();
            }
        }
        return str;
    }
}
