package org.wildfly.security.manager;

import java.io.FileDescriptor;
import java.lang.reflect.Field;
import java.net.InetAddress;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.util.Arrays;
import java.util.Map;
import java.util.Properties;
import java.util.PropertyPermission;
import java.util.concurrent.atomic.AtomicIntegerFieldUpdater;
import java.util.concurrent.atomic.AtomicLongFieldUpdater;
import java.util.concurrent.atomic.AtomicReferenceFieldUpdater;
import org.apache.cxf.phase.Phase;
import org.wildfly.common.Assert;
import org.wildfly.security.ParametricPrivilegedAction;
import org.wildfly.security.ParametricPrivilegedExceptionAction;
import org.wildfly.security.manager._private.SecurityMessages;
import org.wildfly.security.manager.action.ClearPropertyAction;
import org.wildfly.security.manager.action.GetClassLoaderAction;
import org.wildfly.security.manager.action.GetContextClassLoaderAction;
import org.wildfly.security.manager.action.GetEnvironmentAction;
import org.wildfly.security.manager.action.GetProtectionDomainAction;
import org.wildfly.security.manager.action.GetSystemPropertiesAction;
import org.wildfly.security.manager.action.ReadEnvironmentPropertyAction;
import org.wildfly.security.manager.action.ReadPropertyAction;
import org.wildfly.security.manager.action.SetContextClassLoaderAction;
import org.wildfly.security.manager.action.WritePropertyAction;
import org.wildfly.security.permission.PermissionVerifier;
import sun.misc.Unsafe;

/* JADX WARN: Classes with same name are omitted:
  input_file:BOOT-INF/lib/wildfly-elytron-1.15.3.Final-redhat-00001.jar:org/wildfly/security/manager/WildFlySecurityManager.class
 */
/* loaded from: input_file:BOOT-INF/lib/wildfly-elytron-security-manager-1.15.3.Final-redhat-00001.jar:org/wildfly/security/manager/WildFlySecurityManager.class */
public final class WildFlySecurityManager extends SecurityManager implements PermissionVerifier {
    private static final boolean LOG_ONLY;
    private static final Unsafe unsafe;
    private static final long pdStackOffset;
    private static final WildFlySecurityManager INSTANCE;
    private static final boolean hasGetCallerClass;
    private static final boolean usingStackWalker;
    private static final Class<?>[] ATOMIC_FIELD_UPDATER_TYPES;
    private static final ClassValue<AccessControlContext> ACC_CACHE;
    private static final PrivilegedAction<Object> PA_TRAMPOLINE1;
    private static final PrivilegedExceptionAction<Object> PA_TRAMPOLINE2;
    private static final Permission SECURITY_MANAGER_PERMISSION = new RuntimePermission("setSecurityManager");
    private static final Permission PROPERTIES_PERMISSION = new PropertyPermission("*", "read,write");
    private static final Permission ENVIRONMENT_PERMISSION = new RuntimePermission("getenv.*");
    private static final Permission GET_CLASS_LOADER_PERMISSION = new RuntimePermission("getClassLoader");
    private static final Permission SET_CLASS_LOADER_PERMISSION = new RuntimePermission("setClassLoader");
    private static final Permission ACCESS_DECLARED_MEMBERS_PERMISSION = new RuntimePermission("accessDeclaredMembers");
    private static final ThreadLocal<Context> CTX = new ThreadLocal<Context>() { // from class: org.wildfly.security.manager.WildFlySecurityManager.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public Context initialValue() {
            return new Context();
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:BOOT-INF/lib/wildfly-elytron-1.15.3.Final-redhat-00001.jar:org/wildfly/security/manager/WildFlySecurityManager$Context.class
     */
    /* loaded from: input_file:BOOT-INF/lib/wildfly-elytron-security-manager-1.15.3.Final-redhat-00001.jar:org/wildfly/security/manager/WildFlySecurityManager$Context.class */
    public static class Context {
        boolean checking = true;
        boolean entered = false;
        ParametricPrivilegedAction<Object, Object> action1;
        ParametricPrivilegedExceptionAction<Object, Object> action2;
        Object parameter;

        Context() {
        }
    }

    @Deprecated
    public static void install() throws SecurityException {
        if (System.getSecurityManager() instanceof WildFlySecurityManager) {
            return;
        }
        System.setSecurityManager(new WildFlySecurityManager());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Class<?> getCallerClass(int i) {
        return hasGetCallerClass ? JDKSpecific.getCallerClass(i + 1) : getCallStack()[i + 2];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Class<?>[] getCallStack() {
        return INSTANCE.getClassContext();
    }

    public static boolean isChecking() {
        SecurityManager securityManager = System.getSecurityManager();
        return securityManager instanceof WildFlySecurityManager ? doCheck() : securityManager != null;
    }

    @Override // java.lang.SecurityManager, org.wildfly.security.permission.PermissionVerifier
    public void checkPermission(Permission permission) throws SecurityException {
        checkPermission(permission, AccessController.getContext());
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission, Object obj) throws SecurityException {
        if (!(obj instanceof AccessControlContext)) {
            throw SecurityMessages.access.unknownContext();
        }
        checkPermission(permission, (AccessControlContext) obj);
    }

    public static ProtectionDomain findAccessDenial(Permission permission, ProtectionDomain... protectionDomainArr) {
        ProtectionDomain protectionDomain = null;
        if (protectionDomainArr != null) {
            for (ProtectionDomain protectionDomain2 : protectionDomainArr) {
                if (!protectionDomain2.implies(permission)) {
                    CodeSource codeSource = protectionDomain2.getCodeSource();
                    ClassLoader classLoader = protectionDomain2.getClassLoader();
                    Principal[] principals = protectionDomain2.getPrincipals();
                    if (principals == null || principals.length == 0) {
                        SecurityMessages.access.accessCheckFailed(permission, codeSource, classLoader);
                    } else {
                        SecurityMessages.access.accessCheckFailed(permission, codeSource, classLoader, Arrays.toString(principals));
                    }
                    if (SecurityMessages.access.isTraceEnabled()) {
                        SecurityMessages.access.trace("Permission check failed (permission \"" + permission + "\" in protection domain " + protectionDomain2 + " )", new RuntimeException("Exception not thrown, analysis only."));
                    }
                    if (protectionDomain == null && !LOG_ONLY) {
                        protectionDomain = protectionDomain2;
                    }
                }
            }
        }
        return protectionDomain;
    }

    public static boolean tryCheckPermission(Permission permission, ProtectionDomain... protectionDomainArr) {
        if (permission.implies(SECURITY_MANAGER_PERMISSION)) {
            return false;
        }
        Context context = CTX.get();
        if (!context.checking || context.entered) {
            return true;
        }
        context.entered = true;
        try {
            if (findAccessDenial(permission, protectionDomainArr) != null) {
                return false;
            }
            context.entered = false;
            return true;
        } finally {
            context.entered = false;
        }
    }

    @Override // org.wildfly.security.permission.PermissionVerifier
    public boolean implies(Permission permission) {
        return tryCheckPermission(permission, getProtectionDomainStack(AccessController.getContext()));
    }

    public void checkPermission(Permission permission, AccessControlContext accessControlContext) throws SecurityException {
        ProtectionDomain findAccessDenial;
        if (permission.implies(SECURITY_MANAGER_PERMISSION)) {
            throw SecurityMessages.access.secMgrChange();
        }
        Context context = CTX.get();
        if (!context.checking || context.entered) {
            return;
        }
        context.entered = true;
        try {
            ProtectionDomain[] protectionDomainStack = getProtectionDomainStack(accessControlContext);
            if (protectionDomainStack == null || (findAccessDenial = findAccessDenial(permission, protectionDomainStack)) == null) {
            } else {
                throw SecurityMessages.access.accessControlException(permission, permission, findAccessDenial.getCodeSource(), findAccessDenial.getClassLoader());
            }
        } finally {
            context.entered = false;
        }
    }

    private static ProtectionDomain[] getProtectionDomainStack(AccessControlContext accessControlContext) {
        return (ProtectionDomain[]) unsafe.getObject(accessControlContext, pdStackOffset);
    }

    private static boolean doCheck() {
        return doCheck(CTX.get());
    }

    private static boolean doCheck(Context context) {
        return context.checking && !context.entered;
    }

    @Override // java.lang.SecurityManager
    public void checkCreateClassLoader() {
        if (doCheck()) {
            super.checkCreateClassLoader();
        }
    }

    @Override // java.lang.SecurityManager
    public void checkAccess(Thread thread) {
        if (doCheck()) {
            super.checkAccess(thread);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkAccess(ThreadGroup threadGroup) {
        if (doCheck()) {
            super.checkAccess(threadGroup);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkExit(int i) {
        if (doCheck()) {
            super.checkExit(i);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkExec(String str) {
        if (doCheck()) {
            super.checkExec(str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkLink(String str) {
        if (doCheck()) {
            super.checkLink(str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkRead(FileDescriptor fileDescriptor) {
        if (doCheck()) {
            super.checkRead(fileDescriptor);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str) {
        if (doCheck()) {
            super.checkRead(str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str, Object obj) {
        if (doCheck()) {
            super.checkRead(str, obj);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkWrite(FileDescriptor fileDescriptor) {
        if (doCheck()) {
            super.checkWrite(fileDescriptor);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkWrite(String str) {
        if (doCheck()) {
            super.checkWrite(str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkDelete(String str) {
        if (doCheck()) {
            super.checkDelete(str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkConnect(String str, int i) {
        if (doCheck()) {
            super.checkConnect(str, i);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkConnect(String str, int i, Object obj) {
        if (doCheck()) {
            super.checkConnect(str, i, obj);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkListen(int i) {
        if (doCheck()) {
            super.checkListen(i);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkAccept(String str, int i) {
        if (doCheck()) {
            super.checkAccept(str, i);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkMulticast(InetAddress inetAddress) {
        if (doCheck()) {
            super.checkMulticast(inetAddress);
        }
    }

    @Override // java.lang.SecurityManager
    @Deprecated
    public void checkMulticast(InetAddress inetAddress, byte b) {
        if (doCheck()) {
            super.checkMulticast(inetAddress, b);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPropertiesAccess() {
        if (doCheck()) {
            super.checkPropertiesAccess();
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPropertyAccess(String str) {
        Context context = CTX.get();
        if (doCheck(context)) {
            Class[] classContext = getClassContext();
            if (classContext.length < 3) {
                super.checkPropertyAccess(str);
                return;
            }
            if (classContext[1] != System.class) {
                super.checkPropertyAccess(str);
                return;
            }
            Class cls = classContext[2];
            if (classContext.length >= 4) {
                for (int i = 2; i < classContext.length && (classContext[i] == Boolean.class || classContext[i] == Integer.class || classContext[i] == Long.class || classContext[i] == System.class); i++) {
                    cls = classContext[i + 1];
                }
            }
            context.entered = true;
            try {
                ProtectionDomain protectionDomain = cls.getProtectionDomain();
                ClassLoader classLoader = cls.getClassLoader();
                ClassLoader classLoader2 = Object.class.getClassLoader();
                context.entered = false;
                if (classLoader == classLoader2) {
                    super.checkPropertyAccess(str);
                    return;
                }
                PropertyPermission propertyPermission = new PropertyPermission(str, Phase.READ);
                if (protectionDomain.implies(propertyPermission)) {
                    return;
                }
                checkPermission((Permission) propertyPermission, AccessController.getContext());
            } catch (Throwable th) {
                context.entered = false;
                throw th;
            }
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPrintJobAccess() {
        if (doCheck()) {
            super.checkPrintJobAccess();
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPackageAccess(String str) {
        if (doCheck()) {
            super.checkPackageAccess(str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPackageDefinition(String str) {
        if (doCheck()) {
            super.checkPackageDefinition(str);
        }
    }

    @Override // java.lang.SecurityManager
    public void checkSetFactory() {
        if (doCheck()) {
            super.checkSetFactory();
        }
    }

    private static boolean isAssignableToOneOf(Class<?> cls, Class<?>... clsArr) {
        for (Class<?> cls2 : clsArr) {
            if (cls2.isAssignableFrom(cls)) {
                return true;
            }
        }
        return false;
    }

    @Override // java.lang.SecurityManager
    @Deprecated
    public void checkMemberAccess(Class<?> cls, int i) {
        Context context = CTX.get();
        if (doCheck(context)) {
            Assert.checkNotNullParam("class", cls);
            if (i != 0) {
                Class[] classContext = getClassContext();
                int length = classContext.length;
                if (length >= 4 && classContext[1] == Class.class && classContext[2] == Class.class) {
                    context.entered = true;
                    try {
                        ClassLoader classLoader = Object.class.getClassLoader();
                        ClassLoader classLoader2 = cls.getClassLoader();
                        for (int i2 = 3; i2 < length; i2++) {
                            ClassLoader classLoader3 = classContext[i2].getClassLoader();
                            if (classLoader3 != classLoader) {
                                if (classLoader2 == classLoader3) {
                                    return;
                                }
                                checkPermission(ACCESS_DECLARED_MEMBERS_PERMISSION);
                                context.entered = false;
                                return;
                            }
                            if (!isAssignableToOneOf(classContext[i2], ATOMIC_FIELD_UPDATER_TYPES)) {
                                checkPermission(ACCESS_DECLARED_MEMBERS_PERMISSION);
                                context.entered = false;
                                return;
                            }
                        }
                        context.entered = false;
                    } finally {
                        context.entered = false;
                    }
                }
                checkPermission(ACCESS_DECLARED_MEMBERS_PERMISSION);
            }
        }
    }

    @Override // java.lang.SecurityManager
    public void checkSecurityAccess(String str) {
        if (doCheck()) {
            super.checkSecurityAccess(str);
        }
    }

    public static <T> T doChecked(PrivilegedAction<T> privilegedAction) {
        Context context = CTX.get();
        if (context.checking) {
            return privilegedAction.run();
        }
        context.checking = true;
        try {
            return privilegedAction.run();
        } finally {
            context.checking = false;
        }
    }

    public static <T> T doChecked(PrivilegedExceptionAction<T> privilegedExceptionAction) throws PrivilegedActionException {
        Context context = CTX.get();
        if (context.checking) {
            try {
                return privilegedExceptionAction.run();
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception e2) {
                throw new PrivilegedActionException(e2);
            }
        }
        context.checking = true;
        try {
            try {
                T run = privilegedExceptionAction.run();
                context.checking = false;
                return run;
            } catch (RuntimeException e3) {
                throw e3;
            } catch (Exception e4) {
                throw new PrivilegedActionException(e4);
            }
        } catch (Throwable th) {
            context.checking = false;
            throw th;
        }
    }

    public static <T> T doChecked(PrivilegedAction<T> privilegedAction, AccessControlContext accessControlContext) {
        Context context = CTX.get();
        if (context.checking) {
            return (T) AccessController.doPrivileged(privilegedAction, accessControlContext);
        }
        context.checking = true;
        try {
            T t = (T) AccessController.doPrivileged(privilegedAction, accessControlContext);
            context.checking = false;
            return t;
        } catch (Throwable th) {
            context.checking = false;
            throw th;
        }
    }

    public static <T> T doChecked(PrivilegedExceptionAction<T> privilegedExceptionAction, AccessControlContext accessControlContext) throws PrivilegedActionException {
        Context context = CTX.get();
        if (context.checking) {
            try {
                return (T) AccessController.doPrivileged(privilegedExceptionAction, accessControlContext);
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception e2) {
                throw new PrivilegedActionException(e2);
            }
        }
        context.checking = true;
        try {
            T t = (T) AccessController.doPrivileged(privilegedExceptionAction, accessControlContext);
            context.checking = false;
            return t;
        } catch (Throwable th) {
            context.checking = false;
            throw th;
        }
    }

    public static <T, P> T doChecked(P p, ParametricPrivilegedAction<T, P> parametricPrivilegedAction) {
        Context context = CTX.get();
        if (context.checking) {
            return parametricPrivilegedAction.run(p);
        }
        context.checking = true;
        try {
            T run = parametricPrivilegedAction.run(p);
            context.checking = false;
            return run;
        } catch (Throwable th) {
            context.checking = false;
            throw th;
        }
    }

    public static <T, P> T doChecked(P p, ParametricPrivilegedExceptionAction<T, P> parametricPrivilegedExceptionAction) throws PrivilegedActionException {
        Context context = CTX.get();
        if (context.checking) {
            try {
                return parametricPrivilegedExceptionAction.run(p);
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception e2) {
                throw new PrivilegedActionException(e2);
            }
        }
        context.checking = true;
        try {
            try {
                T run = parametricPrivilegedExceptionAction.run(p);
                context.checking = false;
                return run;
            } catch (RuntimeException e3) {
                throw e3;
            } catch (Exception e4) {
                throw new PrivilegedActionException(e4);
            }
        } catch (Throwable th) {
            context.checking = false;
            throw th;
        }
    }

    public static <T, P> T doChecked(P p, ParametricPrivilegedAction<T, P> parametricPrivilegedAction, AccessControlContext accessControlContext) {
        Context context = CTX.get();
        if (context.checking) {
            return (T) doPrivilegedWithParameter(p, parametricPrivilegedAction, accessControlContext);
        }
        context.checking = true;
        try {
            T t = (T) doPrivilegedWithParameter(p, parametricPrivilegedAction, accessControlContext);
            context.checking = false;
            return t;
        } catch (Throwable th) {
            context.checking = false;
            throw th;
        }
    }

    public static <T, P> T doChecked(P p, ParametricPrivilegedExceptionAction<T, P> parametricPrivilegedExceptionAction, AccessControlContext accessControlContext) throws PrivilegedActionException {
        Context context = CTX.get();
        if (context.checking) {
            return (T) doPrivilegedWithParameter(p, parametricPrivilegedExceptionAction, accessControlContext);
        }
        context.checking = true;
        try {
            T t = (T) doPrivilegedWithParameter(p, parametricPrivilegedExceptionAction, accessControlContext);
            context.checking = false;
            return t;
        } catch (Throwable th) {
            context.checking = false;
            throw th;
        }
    }

    public static <T> T doUnchecked(PrivilegedAction<T> privilegedAction) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (T) AccessController.doPrivileged(privilegedAction, getCallerAccessControlContext()) : privilegedAction.run();
        }
        Context context = CTX.get();
        if (!context.checking) {
            return privilegedAction.run();
        }
        context.checking = false;
        if (securityManager != null) {
            try {
                checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
            } catch (Throwable th) {
                context.checking = true;
                throw th;
            }
        }
        T run = privilegedAction.run();
        context.checking = true;
        return run;
    }

    public static <T> T doUnchecked(PrivilegedExceptionAction<T> privilegedExceptionAction) throws PrivilegedActionException {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            if (securityManager != null) {
                return (T) AccessController.doPrivileged(privilegedExceptionAction, getCallerAccessControlContext());
            }
            try {
                return privilegedExceptionAction.run();
            } catch (Exception e) {
                throw new PrivilegedActionException(e);
            }
        }
        Context context = CTX.get();
        if (!context.checking) {
            try {
                return privilegedExceptionAction.run();
            } catch (Exception e2) {
                throw new PrivilegedActionException(e2);
            }
        }
        context.checking = false;
        if (securityManager != null) {
            try {
                try {
                    checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
                } catch (Exception e3) {
                    throw new PrivilegedActionException(e3);
                }
            } catch (Throwable th) {
                context.checking = true;
                throw th;
            }
        }
        T run = privilegedExceptionAction.run();
        context.checking = true;
        return run;
    }

    public static <T> T doUnchecked(PrivilegedAction<T> privilegedAction, AccessControlContext accessControlContext) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (T) AccessController.doPrivileged(privilegedAction, accessControlContext) : (T) AccessController.doPrivileged(privilegedAction, accessControlContext);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return (T) AccessController.doPrivileged(privilegedAction, accessControlContext);
        }
        context.checking = false;
        if (securityManager != null) {
            try {
                checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
            } catch (Throwable th) {
                context.checking = true;
                throw th;
            }
        }
        T run = privilegedAction.run();
        context.checking = true;
        return run;
    }

    public static <T> T doUnchecked(PrivilegedExceptionAction<T> privilegedExceptionAction, AccessControlContext accessControlContext) throws PrivilegedActionException {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (T) AccessController.doPrivileged(privilegedExceptionAction, accessControlContext) : (T) AccessController.doPrivileged(privilegedExceptionAction, accessControlContext);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return (T) AccessController.doPrivileged(privilegedExceptionAction, accessControlContext);
        }
        context.checking = false;
        if (securityManager != null) {
            try {
                checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
            } catch (Throwable th) {
                context.checking = true;
                throw th;
            }
        }
        T t = (T) AccessController.doPrivileged(privilegedExceptionAction, accessControlContext);
        context.checking = true;
        return t;
    }

    public static <T, P> T doUnchecked(P p, ParametricPrivilegedAction<T, P> parametricPrivilegedAction) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (T) doPrivilegedWithParameter(p, parametricPrivilegedAction, (AccessControlContext) null) : parametricPrivilegedAction.run(p);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return parametricPrivilegedAction.run(p);
        }
        context.checking = false;
        if (securityManager != null) {
            try {
                checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
            } catch (Throwable th) {
                context.checking = true;
                throw th;
            }
        }
        T run = parametricPrivilegedAction.run(p);
        context.checking = true;
        return run;
    }

    public static <T, P> T doUnchecked(P p, ParametricPrivilegedExceptionAction<T, P> parametricPrivilegedExceptionAction) throws PrivilegedActionException {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            if (securityManager != null) {
                return (T) doPrivilegedWithParameter(p, parametricPrivilegedExceptionAction, (AccessControlContext) null);
            }
            try {
                return parametricPrivilegedExceptionAction.run(p);
            } catch (Exception e) {
                throw new PrivilegedActionException(e);
            }
        }
        Context context = CTX.get();
        if (!context.checking) {
            try {
                return parametricPrivilegedExceptionAction.run(p);
            } catch (Exception e2) {
                throw new PrivilegedActionException(e2);
            }
        }
        context.checking = false;
        try {
            if (securityManager != null) {
                try {
                    checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
                } catch (Exception e3) {
                    throw new PrivilegedActionException(e3);
                }
            }
            T run = parametricPrivilegedExceptionAction.run(p);
            context.checking = true;
            return run;
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    public static <T, P> T doUnchecked(P p, ParametricPrivilegedAction<T, P> parametricPrivilegedAction, AccessControlContext accessControlContext) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return (T) doPrivilegedWithParameter(p, parametricPrivilegedAction, accessControlContext);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return (T) doPrivilegedWithParameter(p, parametricPrivilegedAction, accessControlContext);
        }
        context.checking = false;
        if (securityManager != null) {
            try {
                checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
            } catch (Throwable th) {
                context.checking = true;
                throw th;
            }
        }
        T t = (T) doPrivilegedWithParameter(p, parametricPrivilegedAction, accessControlContext);
        context.checking = true;
        return t;
    }

    public static <T, P> T doUnchecked(P p, ParametricPrivilegedExceptionAction<T, P> parametricPrivilegedExceptionAction, AccessControlContext accessControlContext) throws PrivilegedActionException {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return (T) doPrivilegedWithParameter(p, parametricPrivilegedExceptionAction, accessControlContext);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return (T) doPrivilegedWithParameter(p, parametricPrivilegedExceptionAction, accessControlContext);
        }
        context.checking = false;
        if (securityManager != null) {
            try {
                checkPDPermission(getCallerClass(1), WildFlySecurityManagerPermission.doUncheckedPermission);
            } catch (Throwable th) {
                context.checking = true;
                throw th;
            }
        }
        T t = (T) doPrivilegedWithParameter(p, parametricPrivilegedExceptionAction, accessControlContext);
        context.checking = true;
        return t;
    }

    private static void checkPropertyReadPermission(Class<?> cls, String str) {
        ProtectionDomain protectionDomain;
        ClassLoader classLoader;
        if (System.getSecurityManager() instanceof WildFlySecurityManager) {
            protectionDomain = cls.getProtectionDomain();
            classLoader = cls.getClassLoader();
        } else {
            protectionDomain = (ProtectionDomain) AccessController.doPrivileged(new GetProtectionDomainAction(cls));
            classLoader = (ClassLoader) AccessController.doPrivileged(new GetClassLoaderAction(cls));
        }
        if (protectionDomain.implies(PROPERTIES_PERMISSION)) {
            return;
        }
        PropertyPermission propertyPermission = new PropertyPermission(str, Phase.READ);
        if (protectionDomain.implies(propertyPermission)) {
            return;
        }
        SecurityMessages.access.accessCheckFailed(propertyPermission, protectionDomain.getCodeSource(), classLoader);
        if (!LOG_ONLY) {
            throw SecurityMessages.access.accessControlException(propertyPermission, propertyPermission, protectionDomain.getCodeSource(), classLoader);
        }
    }

    private static void checkEnvPropertyReadPermission(Class<?> cls, String str) {
        ProtectionDomain protectionDomain;
        ClassLoader classLoader;
        if (System.getSecurityManager() instanceof WildFlySecurityManager) {
            protectionDomain = cls.getProtectionDomain();
            classLoader = cls.getClassLoader();
        } else {
            protectionDomain = (ProtectionDomain) AccessController.doPrivileged(new GetProtectionDomainAction(cls));
            classLoader = (ClassLoader) AccessController.doPrivileged(new GetClassLoaderAction(cls));
        }
        if (protectionDomain.implies(ENVIRONMENT_PERMISSION)) {
            return;
        }
        RuntimePermission runtimePermission = new RuntimePermission("getenv." + str);
        if (protectionDomain.implies(runtimePermission)) {
            return;
        }
        SecurityMessages.access.accessCheckFailed(runtimePermission, protectionDomain.getCodeSource(), classLoader);
        if (!LOG_ONLY) {
            throw SecurityMessages.access.accessControlException(runtimePermission, runtimePermission, protectionDomain.getCodeSource(), classLoader);
        }
    }

    private static void checkPropertyWritePermission(Class<?> cls, String str) {
        ProtectionDomain protectionDomain;
        ClassLoader classLoader;
        if (System.getSecurityManager() instanceof WildFlySecurityManager) {
            protectionDomain = cls.getProtectionDomain();
            classLoader = cls.getClassLoader();
        } else {
            protectionDomain = (ProtectionDomain) AccessController.doPrivileged(new GetProtectionDomainAction(cls));
            classLoader = (ClassLoader) AccessController.doPrivileged(new GetClassLoaderAction(cls));
        }
        if (protectionDomain.implies(PROPERTIES_PERMISSION)) {
            return;
        }
        PropertyPermission propertyPermission = new PropertyPermission(str, Phase.WRITE);
        if (protectionDomain.implies(propertyPermission)) {
            return;
        }
        SecurityMessages.access.accessCheckFailed(propertyPermission, protectionDomain.getCodeSource(), classLoader);
        if (!LOG_ONLY) {
            throw SecurityMessages.access.accessControlException(propertyPermission, propertyPermission, protectionDomain.getCodeSource(), classLoader);
        }
    }

    private static void checkPDPermission(Class<?> cls, Permission permission) {
        ProtectionDomain protectionDomain;
        ClassLoader classLoader;
        if (System.getSecurityManager() instanceof WildFlySecurityManager) {
            protectionDomain = cls.getProtectionDomain();
            classLoader = cls.getClassLoader();
        } else {
            protectionDomain = (ProtectionDomain) AccessController.doPrivileged(new GetProtectionDomainAction(cls));
            classLoader = (ClassLoader) AccessController.doPrivileged(new GetClassLoaderAction(cls));
        }
        if (protectionDomain.implies(permission)) {
            return;
        }
        SecurityMessages.access.accessCheckFailed(permission, protectionDomain.getCodeSource(), classLoader);
        if (!LOG_ONLY) {
            throw SecurityMessages.access.accessControlException(permission, permission, protectionDomain.getCodeSource(), classLoader);
        }
    }

    public static String getPropertyPrivileged(String str, String str2) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            if (securityManager == null) {
                return System.getProperty(str, str2);
            }
            return (String) AccessController.doPrivileged(new ReadPropertyAction(str, str2), getCallerAccessControlContext());
        }
        Context context = CTX.get();
        if (!context.checking) {
            return System.getProperty(str, str2);
        }
        context.checking = false;
        try {
            checkPropertyReadPermission(getCallerClass(1), str);
            String property = System.getProperty(str, str2);
            context.checking = true;
            return property;
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    private static <T> T def(T t, T t2) {
        return t == null ? t2 : t;
    }

    public static String getEnvPropertyPrivileged(String str, String str2) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (String) AccessController.doPrivileged(new ReadEnvironmentPropertyAction(str, str2), getCallerAccessControlContext()) : System.getenv(str);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return (String) def(System.getenv(str), str2);
        }
        context.checking = false;
        try {
            checkEnvPropertyReadPermission(getCallerClass(1), str);
            String str3 = (String) def(System.getenv(str), str2);
            context.checking = true;
            return str3;
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    public static String setPropertyPrivileged(String str, String str2) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (String) AccessController.doPrivileged(new WritePropertyAction(str, str2), getCallerAccessControlContext()) : System.setProperty(str, str2);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return System.setProperty(str, str2);
        }
        context.checking = false;
        try {
            checkPropertyWritePermission(getCallerClass(1), str);
            String property = System.setProperty(str, str2);
            context.checking = true;
            return property;
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    public static String clearPropertyPrivileged(String str) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (String) AccessController.doPrivileged(new ClearPropertyAction(str), getCallerAccessControlContext()) : System.clearProperty(str);
        }
        Context context = CTX.get();
        if (!context.checking) {
            return System.clearProperty(str);
        }
        context.checking = false;
        try {
            checkPropertyWritePermission(getCallerClass(1), str);
            String clearProperty = System.clearProperty(str);
            context.checking = true;
            return clearProperty;
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    public static ClassLoader getCurrentContextClassLoaderPrivileged() {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (ClassLoader) AccessController.doPrivileged(GetContextClassLoaderAction.getInstance(), getCallerAccessControlContext()) : Thread.currentThread().getContextClassLoader();
        }
        Context context = CTX.get();
        if (!context.checking) {
            return Thread.currentThread().getContextClassLoader();
        }
        context.checking = false;
        try {
            checkPDPermission(getCallerClass(1), GET_CLASS_LOADER_PERMISSION);
            return Thread.currentThread().getContextClassLoader();
        } finally {
            context.checking = true;
        }
    }

    public static ClassLoader setCurrentContextClassLoaderPrivileged(ClassLoader classLoader) {
        SecurityManager securityManager = System.getSecurityManager();
        Thread currentThread = Thread.currentThread();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            if (securityManager != null) {
                return (ClassLoader) AccessController.doPrivileged(new SetContextClassLoaderAction(classLoader), ACC_CACHE.get(getCallerClass(1)));
            }
            try {
                ClassLoader contextClassLoader = currentThread.getContextClassLoader();
                currentThread.setContextClassLoader(classLoader);
                return contextClassLoader;
            } finally {
                currentThread.setContextClassLoader(classLoader);
            }
        }
        Context context = CTX.get();
        if (!context.checking) {
            try {
                ClassLoader contextClassLoader2 = currentThread.getContextClassLoader();
                currentThread.setContextClassLoader(classLoader);
                return contextClassLoader2;
            } finally {
            }
        }
        context.checking = false;
        try {
            checkPDPermission(getCallerClass(1), SET_CLASS_LOADER_PERMISSION);
            try {
                ClassLoader contextClassLoader3 = currentThread.getContextClassLoader();
                currentThread.setContextClassLoader(classLoader);
                context.checking = true;
                return contextClassLoader3;
            } finally {
            }
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    public static ClassLoader setCurrentContextClassLoaderPrivileged(Class<?> cls) {
        SecurityManager securityManager = System.getSecurityManager();
        Thread currentThread = Thread.currentThread();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            if (securityManager != null) {
                return (ClassLoader) AccessController.doPrivileged(new SetContextClassLoaderAction(cls.getClassLoader()), getCallerAccessControlContext());
            }
            try {
                ClassLoader contextClassLoader = currentThread.getContextClassLoader();
                currentThread.setContextClassLoader(cls.getClassLoader());
                return contextClassLoader;
            } finally {
                currentThread.setContextClassLoader(cls.getClassLoader());
            }
        }
        Context context = CTX.get();
        if (!context.checking) {
            try {
                ClassLoader contextClassLoader2 = currentThread.getContextClassLoader();
                currentThread.setContextClassLoader(cls.getClassLoader());
                return contextClassLoader2;
            } finally {
            }
        }
        context.checking = false;
        try {
            Class<?> callerClass = getCallerClass(1);
            checkPDPermission(callerClass, SET_CLASS_LOADER_PERMISSION);
            checkPDPermission(callerClass, GET_CLASS_LOADER_PERMISSION);
            try {
                ClassLoader contextClassLoader3 = currentThread.getContextClassLoader();
                currentThread.setContextClassLoader(cls.getClassLoader());
                context.checking = true;
                return contextClassLoader3;
            } finally {
            }
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    public static Properties getSystemPropertiesPrivileged() {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (Properties) AccessController.doPrivileged(GetSystemPropertiesAction.getInstance(), getCallerAccessControlContext()) : System.getProperties();
        }
        Context context = CTX.get();
        if (!context.checking) {
            return System.getProperties();
        }
        context.checking = false;
        try {
            checkPDPermission(getCallerClass(1), PROPERTIES_PERMISSION);
            return System.getProperties();
        } finally {
            context.checking = true;
        }
    }

    public static Map<String, String> getSystemEnvironmentPrivileged() {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (Map) AccessController.doPrivileged(GetEnvironmentAction.getInstance(), getCallerAccessControlContext()) : System.getenv();
        }
        Context context = CTX.get();
        if (!context.checking) {
            return System.getenv();
        }
        context.checking = false;
        try {
            checkPDPermission(getCallerClass(1), ENVIRONMENT_PERMISSION);
            return System.getenv();
        } finally {
            context.checking = true;
        }
    }

    public static ClassLoader getClassLoaderPrivileged(Class<?> cls) {
        SecurityManager securityManager = System.getSecurityManager();
        if (!(securityManager instanceof WildFlySecurityManager)) {
            return securityManager != null ? (ClassLoader) AccessController.doPrivileged(new GetClassLoaderAction(cls), getCallerAccessControlContext()) : cls.getClassLoader();
        }
        Context context = CTX.get();
        if (!context.checking) {
            return cls.getClassLoader();
        }
        context.checking = false;
        try {
            checkPDPermission(getCallerClass(1), GET_CLASS_LOADER_PERMISSION);
            ClassLoader classLoader = cls.getClassLoader();
            context.checking = true;
            return classLoader;
        } catch (Throwable th) {
            context.checking = true;
            throw th;
        }
    }

    public static <T, P> T doPrivilegedWithParameter(P p, ParametricPrivilegedAction<T, P> parametricPrivilegedAction) {
        Context context = CTX.get();
        context.action1 = parametricPrivilegedAction;
        context.parameter = p;
        return (T) AccessController.doPrivileged(PA_TRAMPOLINE1, ACC_CACHE.get(getCallerClass(1)));
    }

    public static <T, P> T doPrivilegedWithParameter(P p, ParametricPrivilegedExceptionAction<T, P> parametricPrivilegedExceptionAction) throws PrivilegedActionException {
        Context context = CTX.get();
        context.action2 = parametricPrivilegedExceptionAction;
        context.parameter = p;
        return (T) AccessController.doPrivileged(PA_TRAMPOLINE2, ACC_CACHE.get(getCallerClass(1)));
    }

    public static <T, P> T doPrivilegedWithParameter(P p, ParametricPrivilegedAction<T, P> parametricPrivilegedAction, AccessControlContext accessControlContext) {
        AccessControlContext accessControlContext2;
        Context context = CTX.get();
        context.action1 = parametricPrivilegedAction;
        context.parameter = p;
        context.entered = true;
        if (accessControlContext != null) {
            try {
                ProtectionDomain[] protectionDomainStack = getProtectionDomainStack(accessControlContext);
                if (protectionDomainStack != null && protectionDomainStack.length != 0) {
                    ProtectionDomain[] protectionDomainArr = (ProtectionDomain[]) Arrays.copyOf(protectionDomainStack, protectionDomainStack.length + 1);
                    protectionDomainArr[protectionDomainStack.length] = getCallerClass(1).getProtectionDomain();
                    accessControlContext2 = new AccessControlContext(protectionDomainArr);
                    context.entered = false;
                    return (T) AccessController.doPrivileged(PA_TRAMPOLINE1, accessControlContext2);
                }
            } catch (Throwable th) {
                context.entered = false;
                throw th;
            }
        }
        accessControlContext2 = ACC_CACHE.get(getCallerClass(1));
        context.entered = false;
        return (T) AccessController.doPrivileged(PA_TRAMPOLINE1, accessControlContext2);
    }

    public static <T, P> T doPrivilegedWithParameter(P p, ParametricPrivilegedExceptionAction<T, P> parametricPrivilegedExceptionAction, AccessControlContext accessControlContext) throws PrivilegedActionException {
        AccessControlContext accessControlContext2;
        Context context = CTX.get();
        context.action2 = parametricPrivilegedExceptionAction;
        context.parameter = p;
        context.entered = true;
        try {
            ProtectionDomain[] protectionDomainStack = getProtectionDomainStack(accessControlContext);
            if (protectionDomainStack == null || protectionDomainStack.length == 0) {
                accessControlContext2 = ACC_CACHE.get(getCallerClass(1));
            } else {
                ProtectionDomain[] protectionDomainArr = (ProtectionDomain[]) Arrays.copyOf(protectionDomainStack, protectionDomainStack.length + 1);
                protectionDomainArr[protectionDomainStack.length] = getCallerClass(1).getProtectionDomain();
                accessControlContext2 = new AccessControlContext(protectionDomainArr);
            }
            return (T) AccessController.doPrivileged(PA_TRAMPOLINE2, accessControlContext2);
        } finally {
            context.entered = false;
        }
    }

    private static AccessControlContext getCallerAccessControlContext() {
        SecurityManager securityManager = System.getSecurityManager();
        Context context = CTX.get();
        if (securityManager != null) {
            try {
                if (!(securityManager instanceof WildFlySecurityManager)) {
                    Class<?> callerClass = getCallerClass(usingStackWalker ? 2 : 1);
                    AccessControlContext accessControlContext = (AccessControlContext) AccessController.doPrivileged(() -> {
                        return ACC_CACHE.get(callerClass);
                    });
                    context.entered = false;
                    return accessControlContext;
                }
            } catch (Throwable th) {
                context.entered = false;
                throw th;
            }
        }
        AccessControlContext accessControlContext2 = ACC_CACHE.get(getCallerClass(usingStackWalker ? 2 : 1));
        context.entered = false;
        return accessControlContext2;
    }

    static {
        try {
            Field declaredField = AccessControlContext.class.getDeclaredField("context");
            if (declaredField.getType() != ProtectionDomain[].class) {
                throw new Error();
            }
            try {
                unsafe = (Unsafe) ((Field) AccessController.doPrivileged(new GetAccessibleDeclaredFieldAction(Unsafe.class, "theUnsafe"))).get(null);
                pdStackOffset = unsafe.objectFieldOffset(declaredField);
                INSTANCE = (WildFlySecurityManager) AccessController.doPrivileged(new PrivilegedAction<WildFlySecurityManager>() { // from class: org.wildfly.security.manager.WildFlySecurityManager.2
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public WildFlySecurityManager run() {
                        return new WildFlySecurityManager();
                    }
                });
                boolean z = false;
                try {
                    z = JDKSpecific.getCallerClass(0) == WildFlySecurityManager.class;
                } catch (Throwable th) {
                }
                hasGetCallerClass = z;
                usingStackWalker = hasGetCallerClass && JDKSpecific.usingStackWalker();
                LOG_ONLY = Boolean.parseBoolean((String) AccessController.doPrivileged(new ReadPropertyAction("org.wildfly.security.manager.log-only", "false")));
                ATOMIC_FIELD_UPDATER_TYPES = new Class[]{AtomicReferenceFieldUpdater.class, AtomicLongFieldUpdater.class, AtomicIntegerFieldUpdater.class};
                ACC_CACHE = new ClassValue<AccessControlContext>() { // from class: org.wildfly.security.manager.WildFlySecurityManager.3
                    static final /* synthetic */ boolean $assertionsDisabled;

                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.lang.ClassValue
                    protected AccessControlContext computeValue(Class<?> cls) {
                        Context context = (Context) WildFlySecurityManager.CTX.get();
                        if (!$assertionsDisabled && context.entered) {
                            throw new AssertionError();
                        }
                        context.entered = true;
                        try {
                            AccessControlContext accessControlContext = new AccessControlContext(new ProtectionDomain[]{cls.getProtectionDomain()});
                            context.entered = false;
                            return accessControlContext;
                        } catch (Throwable th2) {
                            context.entered = false;
                            throw th2;
                        }
                    }

                    @Override // java.lang.ClassValue
                    protected /* bridge */ /* synthetic */ AccessControlContext computeValue(Class cls) {
                        return computeValue((Class<?>) cls);
                    }

                    static {
                        $assertionsDisabled = !WildFlySecurityManager.class.desiredAssertionStatus();
                    }
                };
                PA_TRAMPOLINE1 = new PrivilegedAction<Object>() { // from class: org.wildfly.security.manager.WildFlySecurityManager.4
                    @Override // java.security.PrivilegedAction
                    public Object run() {
                        Context context = (Context) WildFlySecurityManager.CTX.get();
                        ParametricPrivilegedAction<Object, Object> parametricPrivilegedAction = context.action1;
                        Object obj = context.parameter;
                        context.action1 = null;
                        context.parameter = null;
                        return parametricPrivilegedAction.run(obj);
                    }
                };
                PA_TRAMPOLINE2 = new PrivilegedExceptionAction<Object>() { // from class: org.wildfly.security.manager.WildFlySecurityManager.5
                    @Override // java.security.PrivilegedExceptionAction
                    public Object run() throws Exception {
                        Context context = (Context) WildFlySecurityManager.CTX.get();
                        ParametricPrivilegedExceptionAction<Object, Object> parametricPrivilegedExceptionAction = context.action2;
                        Object obj = context.parameter;
                        context.action2 = null;
                        context.parameter = null;
                        return parametricPrivilegedExceptionAction.run(obj);
                    }
                };
            } catch (IllegalAccessException e) {
                throw new IllegalAccessError(e.getMessage());
            }
        } catch (NoSuchFieldException e2) {
            throw new NoSuchFieldError(e2.getMessage());
        }
    }
}
