package com.inet.webserver.structure;

import com.inet.classloader.BaseLocator;
import com.inet.config.ConfigKey;
import com.inet.config.ConfigurationManager;
import com.inet.config.TempConfiguration;
import com.inet.config.internal.PrivateCloudLicenseTimerTask;
import com.inet.config.structure.ConfigStructure;
import com.inet.config.structure.model.BooleanConfigProperty;
import com.inet.config.structure.model.ConfigAction;
import com.inet.config.structure.model.ConfigCategory;
import com.inet.config.structure.model.ConfigCondition;
import com.inet.config.structure.model.ConfigConditionAction;
import com.inet.config.structure.model.ConfigGroup;
import com.inet.config.structure.model.ConfigProperty;
import com.inet.config.structure.model.ConfigPropertyGroup;
import com.inet.config.structure.model.ConfigValidationMsg;
import com.inet.config.structure.model.FileUploadConfigProperty;
import com.inet.config.structure.model.LocalizedKey;
import com.inet.config.structure.model.UnitConfigProperty;
import com.inet.config.structure.provider.AbstractStructureProvider;
import com.inet.config.structure.provider.ConditionGenerator;
import com.inet.config.structure.provider.ConfigStructureSettings;
import com.inet.config.structure.provider.ConfigValidator;
import com.inet.http.ClientMessageException;
import com.inet.http.security.TrustAllTrustManager;
import com.inet.http.servlet.SessionStore;
import com.inet.id.GUID;
import com.inet.lib.io.FastByteArrayOutputStream;
import com.inet.lib.json.Json;
import com.inet.lib.json.JsonException;
import com.inet.lib.util.IOFunctions;
import com.inet.lib.util.StringFunctions;
import com.inet.permissions.SystemPermissionChecker;
import com.inet.persistence.Persistence;
import com.inet.plugin.ServerPluginManager;
import com.inet.taskplanner.server.api.TaskDefinition;
import com.inet.taskplanner.server.api.TaskPlanner;
import com.inet.taskplanner.server.api.job.JobDefinition;
import com.inet.taskplanner.server.api.trigger.FileChangeTriggerBuilder;
import com.inet.taskplanner.server.api.trigger.TimeTriggerBuilder;
import com.inet.taskplanner.server.api.trigger.TriggerDefinition;
import com.inet.taskplanner.server.api.trigger.time.RepeatInterval;
import com.inet.taskplanner.server.internalapi.TaskPlannerForUsers;
import com.inet.webserver.ListenerSettings;
import com.inet.webserver.SSLSelfSignedCertificateGenerator;
import com.inet.webserver.WebServerPlugin;
import com.inet.webserver.c;
import com.inet.webserver.f;
import com.inet.webserver.webconfig.WebConfig;
import jakarta.servlet.http.HttpServletRequest;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.Serializable;
import java.net.InetAddress;
import java.net.URL;
import java.net.URLConnection;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.Currency;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.SuppressFBWarnings;

/* loaded from: input_file:com/inet/webserver/structure/b.class */
public class b extends AbstractStructureProvider {
    public void addGroupsTo(@Nonnull Set<ConfigGroup> set, boolean z, @Nonnull ConfigStructureSettings configStructureSettings) {
    }

    public void addCategoriesTo(@Nonnull Set<ConfigCategory> set, @Nonnull String str, boolean z, @Nonnull ConfigStructureSettings configStructureSettings) {
        boolean z2 = -1;
        switch (str.hashCode()) {
            case 1127732348:
                if (str.equals("categorygroup.system")) {
                    z2 = false;
                    break;
                }
                break;
        }
        switch (z2) {
            case WebConfig.MIN_PORT /* 0 */:
                set.add(new ConfigCategory(200, "category.webserver", translate(configStructureSettings, "category.webserver", new Object[0]), "system-webserver"));
                return;
            default:
                return;
        }
    }

    public URL getCategoryIcon(@Nonnull String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 766416551:
                if (str.equals("category.webserver")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case WebConfig.MIN_PORT /* 0 */:
                return getClass().getResource("webserver_48.png");
            default:
                return null;
        }
    }

    public void addPropertyGroupsTo(@Nonnull Set<ConfigPropertyGroup> set, @Nonnull String str, boolean z, @Nonnull ConfigStructureSettings configStructureSettings) {
        boolean z2 = -1;
        switch (str.hashCode()) {
            case -355380216:
                if (str.equals("action.webserver.certificate")) {
                    z2 = true;
                    break;
                }
                break;
            case 383132600:
                if (str.equals("action.webserver.uploaded.certificate")) {
                    z2 = 2;
                    break;
                }
                break;
            case 558089246:
                if (str.equals("action.webserver.letsencrypt")) {
                    z2 = 3;
                    break;
                }
                break;
            case 766416551:
                if (str.equals("category.webserver")) {
                    z2 = false;
                    break;
                }
                break;
        }
        switch (z2) {
            case WebConfig.MIN_PORT /* 0 */:
                set.add(new ConfigPropertyGroup(100, "group.webserver.connections", translate(configStructureSettings, "group.webserver.connections", new Object[0])));
                set.add(new ConfigPropertyGroup(150, "group.webserver.certificates.fix", (String) null, new ConfigAction("action.webserver.uploaded.certificate", translate(configStructureSettings, "action.webserver.certificate", new Object[0]))));
                set.add(new ConfigPropertyGroup(155, "group.webserver.certificates.fix.file", (String) null, new ConfigAction("action.webserver.certificate", translate(configStructureSettings, "action.webserver.certificate", new Object[0]))));
                if (f(configStructureSettings)) {
                    set.add(new ConfigPropertyGroup(160, "group.webserver.certificates.letsencrypt", (String) null, new ConfigAction("action.webserver.letsencrypt", translate(configStructureSettings, "action.webserver.letsencrypt", new Object[0]))));
                }
                set.add(new ConfigPropertyGroup(170, "action.validate.certificate", (String) null, new ConfigAction("action.validate.certificate", translate(configStructureSettings, "action.validate.certificate", new Object[0]))));
                if (z) {
                    set.add(new ConfigPropertyGroup(200, "group.webserver.performance", translate(configStructureSettings, "group.webserver.performance", new Object[0])));
                    set.add(new ConfigPropertyGroup(400, "group.webserver.security", translate(configStructureSettings, "group.webserver.security", new Object[0])));
                }
                try {
                    Integer.parseInt((String) Objects.requireNonNullElse(System.getProperty("restart.exitcode"), "NaN"));
                    set.add(new ConfigPropertyGroup(300, "group.webserver.restart", translate(configStructureSettings, "group.webserver.restart", new Object[0]), new ConfigAction("action.webserver.restart", translate(configStructureSettings, "action.webserver.restart", new Object[0]))));
                } catch (Throwable th) {
                }
                if (z) {
                    set.add(new ConfigPropertyGroup(500, "group.header.http", translate(configStructureSettings, "group.header.http", new Object[0])));
                    set.add(new ConfigPropertyGroup(501, "group.header.https", translate(configStructureSettings, "group.header.https", new Object[0])));
                    return;
                }
                return;
            case true:
                set.add(new ConfigPropertyGroup(100, "action.webserver.certificate"));
                return;
            case true:
                set.add(new ConfigPropertyGroup(100, "action.webserver.uploaded.certificate"));
                return;
            case true:
                set.add(new ConfigPropertyGroup(100, "action.webserver.letsencrypt"));
                return;
            default:
                return;
        }
    }

    public void addConditionsTo(@Nonnull List<ConfigConditionAction> list, @Nonnull String str, boolean z, @Nonnull ConfigStructureSettings configStructureSettings) {
        ConditionGenerator conditionGenerator = new ConditionGenerator();
        boolean z2 = -1;
        switch (str.hashCode()) {
            case 766416551:
                if (str.equals("category.webserver")) {
                    z2 = false;
                    break;
                }
                break;
        }
        switch (z2) {
            case WebConfig.MIN_PORT /* 0 */:
                ConfigCondition value = conditionGenerator.createCondition().property(ConfigKey.LISTENER_CONNECTION_TYPE).equals().value(ListenerSettings.CONNECTIONTYPE_PLAIN_AND_SECURE);
                ConfigCondition value2 = conditionGenerator.createCondition().property(ConfigKey.LISTENER_CONNECTION_TYPE).equals().value(ListenerSettings.CONNECTIONTYPE_PLAIN);
                ConfigCondition value3 = conditionGenerator.createCondition().property(ConfigKey.LISTENER_CONNECTION_TYPE).equals().value(ListenerSettings.CONNECTIONTYPE_SECURE);
                ConfigCondition or = conditionGenerator.createCondition().or(new ConfigCondition[]{value2, value});
                ConfigCondition or2 = conditionGenerator.createCondition().or(new ConfigCondition[]{value3, value});
                ConfigCondition and = conditionGenerator.createCondition().and(new ConfigCondition[]{or2, conditionGenerator.createCondition().property(WebConfigKeys.CERTIFICATE_TYPE).equals().value(WebConfigKeys.FIX_FILE_CERTIFICATE)});
                ConfigCondition and2 = conditionGenerator.createCondition().and(new ConfigCondition[]{or2, conditionGenerator.createCondition().property(WebConfigKeys.CERTIFICATE_TYPE).equals().value(WebConfigKeys.FIX_UPLOAD_CERTIFICATE)});
                ConfigCondition and3 = conditionGenerator.createCondition().and(new ConfigCondition[]{or2, conditionGenerator.createCondition().property(WebConfigKeys.CERTIFICATE_TYPE).equals().value(WebConfigKeys.LETSENCRYPT_CERTIFICATE)});
                if (f(configStructureSettings) && z) {
                    list.add(conditionGenerator.visibleActionFor(conditionGenerator.createCondition().or(new ConfigCondition[]{conditionGenerator.createCondition().not(conditionGenerator.createCondition().property(WebConfigKeys.CERTIFICATE_TYPE).equals().value(WebConfigKeys.LETSENCRYPT_CERTIFICATE)), conditionGenerator.createCondition().not(conditionGenerator.createCondition().property(WebConfigKeys.LISTENER_CONTEXT).equals().value("/")), conditionGenerator.createCondition().property(ConfigKey.LISTENER_CONNECTION_TYPE).equals().value(ListenerSettings.CONNECTIONTYPE_PLAIN)}), WebConfigKeys.LISTENER_CONTEXT));
                }
                list.add(conditionGenerator.visibleActionFor(and3, "group.webserver.certificates.letsencrypt"));
                list.add(conditionGenerator.visibleActionFor(value, ConfigKey.LISTENER_SSL_REDIRECT));
                list.add(conditionGenerator.visibleActionFor(or, ConfigKey.LISTENER_PORT));
                list.add(conditionGenerator.visibleActionFor(or2, ConfigKey.LISTENER_SSL_PORT));
                list.add(conditionGenerator.visibleActionFor(or2, WebConfigKeys.CERTIFICATE_TYPE));
                list.add(conditionGenerator.visibleActionFor(and, "group.webserver.certificates.fix.file"));
                list.add(conditionGenerator.visibleActionFor(and2, "group.webserver.certificates.fix"));
                list.add(conditionGenerator.visibleActionFor(or2, "action.validate.certificate"));
                if (z) {
                    list.add(conditionGenerator.visibleActionFor(or, "group.header.http"));
                    list.add(conditionGenerator.visibleActionFor(or, ConfigKey.HTTP_HEADER_FIELDS));
                    list.add(conditionGenerator.visibleActionFor(or2, "group.header.https"));
                    list.add(conditionGenerator.visibleActionFor(or2, ConfigKey.HTTPS_HEADER_FIELDS));
                    return;
                }
                return;
            default:
                return;
        }
    }

    public void addPropertiesTo(@Nonnull Set<ConfigProperty> set, @Nonnull String str, boolean z, @Nonnull ConfigStructureSettings configStructureSettings) {
        boolean z2 = -1;
        switch (str.hashCode()) {
            case -1415468767:
                if (str.equals("group.webserver.certificates.fix.file")) {
                    z2 = true;
                    break;
                }
                break;
            case -1061972183:
                if (str.equals("group.webserver.certificates.fix")) {
                    z2 = 2;
                    break;
                }
                break;
            case -969804455:
                if (str.equals("group.header.https")) {
                    z2 = 11;
                    break;
                }
                break;
            case -355380216:
                if (str.equals("action.webserver.certificate")) {
                    z2 = 7;
                    break;
                }
                break;
            case -53769338:
                if (str.equals("group.webserver.security")) {
                    z2 = 6;
                    break;
                }
                break;
            case 355048271:
                if (str.equals("group.webserver.connections")) {
                    z2 = false;
                    break;
                }
                break;
            case 383132600:
                if (str.equals("action.webserver.uploaded.certificate")) {
                    z2 = 8;
                    break;
                }
                break;
            case 384357978:
                if (str.equals("group.header.http")) {
                    z2 = 10;
                    break;
                }
                break;
            case 530671809:
                if (str.equals("group.webserver.certificates.letsencrypt")) {
                    z2 = 3;
                    break;
                }
                break;
            case 558089246:
                if (str.equals("action.webserver.letsencrypt")) {
                    z2 = 9;
                    break;
                }
                break;
            case 926607625:
                if (str.equals("group.webserver.restart")) {
                    z2 = 5;
                    break;
                }
                break;
            case 1445023274:
                if (str.equals("group.webserver.performance")) {
                    z2 = 4;
                    break;
                }
                break;
        }
        switch (z2) {
            case WebConfig.MIN_PORT /* 0 */:
                ArrayList arrayList = new ArrayList();
                arrayList.add(new LocalizedKey(ListenerSettings.CONNECTIONTYPE_PLAIN, translate(configStructureSettings, ListenerSettings.CONNECTIONTYPE_PLAIN, new Object[0])));
                arrayList.add(new LocalizedKey(ListenerSettings.CONNECTIONTYPE_PLAIN_AND_SECURE, translate(configStructureSettings, ListenerSettings.CONNECTIONTYPE_PLAIN_AND_SECURE, new Object[0])));
                arrayList.add(new LocalizedKey(ListenerSettings.CONNECTIONTYPE_SECURE, translate(configStructureSettings, ListenerSettings.CONNECTIONTYPE_SECURE, new Object[0])));
                addSelectTo(set, ConfigKey.LISTENER_CONNECTION_TYPE, configStructureSettings, arrayList);
                if (z) {
                    addTo(set, ConfigKey.LISTENER_BIND_ADDRESS, "SimpleText", configStructureSettings, translate(configStructureSettings, ConfigKey.LISTENER_BIND_ADDRESS.getKey() + ".placeholder", new Object[0]));
                    addTo(set, WebConfigKeys.LISTENER_CONTEXT, "SimpleText", configStructureSettings, translate(configStructureSettings, WebConfigKeys.LISTENER_CONTEXT.getKey() + ".placeholder", new Object[0]));
                }
                String changedValue = configStructureSettings.getChangedValue(ConfigKey.LISTENER_PORT.getKey());
                if (StringFunctions.isEmpty(changedValue)) {
                    changedValue = String.valueOf(ListenerSettings.getPlainPort(configStructureSettings.getConfiguration()));
                }
                addTo(set, ConfigKey.LISTENER_PORT.getKey(), "FixNumber", changedValue, configStructureSettings);
                String changedValue2 = configStructureSettings.getChangedValue(ConfigKey.LISTENER_SSL_PORT.getKey());
                if (StringFunctions.isEmpty(changedValue2)) {
                    changedValue2 = String.valueOf(ListenerSettings.getSslPort(configStructureSettings.getConfiguration()));
                }
                addTo(set, ConfigKey.LISTENER_SSL_PORT.getKey(), "FixNumber", changedValue2, configStructureSettings);
                addTo(set, ConfigKey.LISTENER_SSL_REDIRECT.getKey(), "Boolean", configStructureSettings.getValue(ConfigKey.LISTENER_SSL_REDIRECT), configStructureSettings);
                if (z) {
                    addTo(set, ConfigKey.SERVER_URL, configStructureSettings, ConfigKey.SERVER_URL.getDefault());
                }
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(new LocalizedKey(WebConfigKeys.FIX_UPLOAD_CERTIFICATE, translate(configStructureSettings, WebConfigKeys.FIX_UPLOAD_CERTIFICATE, new Object[0])));
                arrayList2.add(new LocalizedKey(WebConfigKeys.FIX_FILE_CERTIFICATE, translate(configStructureSettings, WebConfigKeys.FIX_FILE_CERTIFICATE, new Object[0])));
                if (f(configStructureSettings)) {
                    arrayList2.add(new LocalizedKey(WebConfigKeys.LETSENCRYPT_CERTIFICATE, translate(configStructureSettings, WebConfigKeys.LETSENCRYPT_CERTIFICATE, new Object[0])));
                }
                addSelectTo(set, WebConfigKeys.CERTIFICATE_TYPE, configStructureSettings, arrayList2);
                return;
            case true:
                addTo(set, ConfigKey.LISTENER_SSL_CERTIFICATE, "File", configStructureSettings);
                addTo(set, ConfigKey.LISTENER_SSL_PRIVATEKEY, "File", configStructureSettings);
                a(set, configStructureSettings);
                return;
            case true:
                String changedValue3 = configStructureSettings.getChangedValue(WebConfigKeys.LISTENER_SSL_CERTIFICATE_UPLOAD.getKey());
                String changedValue4 = configStructureSettings.getChangedValue(WebConfigKeys.LISTENER_SSL_PRIVATEKEY_UPLOAD.getKey());
                if (changedValue3 == null || changedValue4 == null || !changedValue3.startsWith("data:application/ssl-certificate-reader") || !changedValue4.startsWith("data:application/ssl-certificate-reader")) {
                    changedValue3 = ((Serializable) Objects.requireNonNullElse(a.t().w(), "")).toString();
                    changedValue4 = ((Serializable) Objects.requireNonNullElse(a.u().w(), "")).toString();
                }
                addFileUploadTo(set, WebConfigKeys.LISTENER_SSL_CERTIFICATE_UPLOAD.getKey(), configStructureSettings, "*", changedValue3);
                addFileUploadTo(set, WebConfigKeys.LISTENER_SSL_PRIVATEKEY_UPLOAD.getKey(), configStructureSettings, "*", changedValue4);
                int i = 0 + (a.t().x() ? 1 : 0) + (a.u().x() ? 2 : 0);
                try {
                    addTo(set, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".status", "KeyLabel", String.join("; ", b(FileUploadConfigProperty.decodeUploadDataAsBytes(changedValue3))), configStructureSettings);
                } catch (Exception e) {
                }
                addTo(set, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".status", "KeyLabel", WebServerPlugin.MSG.getMsg("listener.ssl.status.upload", new Object[]{Integer.valueOf(i)}), configStructureSettings);
                return;
            case true:
                String value = configStructureSettings.getValue(WebConfigKeys.CERTIFICATE_DOMAINS);
                if (value == null || value.length() == 0) {
                    value = translate(configStructureSettings, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".placeholder", new Object[0]);
                }
                addTo(set, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".status", "KeyLabel", value, configStructureSettings);
                addTo(set, WebConfigKeys.CERTIFICATE_DOMAINS, "Hidden", configStructureSettings);
                return;
            case true:
                addTo(set, ConfigKey.MAX_CONCURRENT_REQUESTS, configStructureSettings);
                addTo(set, ConfigKey.MAX_HTTP_REQUESTS, configStructureSettings);
                if (Persistence.isFilePersistence()) {
                    try {
                        if (!ConfigurationManager.isRecoveryMode()) {
                            Integer.parseInt((String) Objects.requireNonNullElse(System.getProperty("restart.exitcode"), "NaN"));
                        }
                        addUnitTo(set, WebConfigKeys.MAX_HEAP_MEMORY, configStructureSettings, Arrays.asList(new UnitConfigProperty.Unit(1.0d, "MB"), new UnitConfigProperty.Unit(9.765625E-4d, "GB")), translate(configStructureSettings, WebConfigKeys.MAX_HEAP_MEMORY.getKey() + ".placeholder", new Object[]{Long.valueOf((Runtime.getRuntime().maxMemory() / 1024) / 1024)}));
                        addTo(set, WebConfigKeys.USER_LANGUAGE, configStructureSettings, Locale.getDefault().getLanguage());
                        addTo(set, WebConfigKeys.USER_COUNTRY, configStructureSettings, Locale.getDefault().getCountry());
                        addTo(set, WebConfigKeys.VM_ARGUMENTS, configStructureSettings, "");
                        return;
                    } catch (Throwable th) {
                        return;
                    }
                }
                return;
            case true:
                addTo(set, "webserver.restart.hint", "Label", configStructureSettings);
                return;
            case true:
                addTo(set, "cookie.sameSite.hint", "Label", configStructureSettings);
                ArrayList arrayList3 = new ArrayList();
                arrayList3.add(new LocalizedKey("None", translate(configStructureSettings, "cookie.sameSite.None", new Object[0])));
                arrayList3.add(new LocalizedKey("Lax", translate(configStructureSettings, "cookie.sameSite.Lax", new Object[0])));
                arrayList3.add(new LocalizedKey("Strict", translate(configStructureSettings, "cookie.sameSite.Strict", new Object[0])));
                addSelectTo(set, ConfigKey.COOKIE_SAME_SITE, configStructureSettings, arrayList3);
                ArrayList arrayList4 = new ArrayList();
                arrayList4.add(new LocalizedKey("None", translate(configStructureSettings, "listener.frameembedding.None", new Object[0])));
                arrayList4.add(new LocalizedKey("SameOrigin", translate(configStructureSettings, "listener.frameembedding.SameOrigin", new Object[0])));
                arrayList4.add(new LocalizedKey("Deny", translate(configStructureSettings, "listener.frameembedding.Deny", new Object[0])));
                addSelectTo(set, ConfigKey.ALLOW_FRAME_EMBEDDING, configStructureSettings, arrayList4);
                addTo(set, WebConfigKeys.ALLOW_ORIGIN, "SimpleText", configStructureSettings);
                addTo(set, ConfigKey.CROSSDOMAIN_XML, "MultiLineText", configStructureSettings);
                addTo(set, ConfigKey.ROBOTS_TXT, "MultiLineText", configStructureSettings);
                addTo(set, ConfigKey.SECURITY_TXT, "MultiLineText", configStructureSettings);
                return;
            case true:
            case true:
                addTo(set, "hostname", "SimpleText", a(configStructureSettings), configStructureSettings);
                addTo(set, "organization", "SimpleText", b(configStructureSettings), configStructureSettings);
                addTo(set, "location", "SimpleText", "", configStructureSettings);
                addTo(set, "countryCode", "SimpleText", c(configStructureSettings), configStructureSettings);
                if ("action.webserver.certificate".equals(str)) {
                    addTo(set, "targetFolder", "Directory", d(configStructureSettings), configStructureSettings);
                    return;
                }
                return;
            case true:
                String value2 = configStructureSettings.getValue("acme.domain");
                if (value2 == null || value2.trim().isEmpty()) {
                    value2 = configStructureSettings.getValue(WebConfigKeys.CERTIFICATE_DOMAINS);
                }
                set.add(new ConfigProperty(50, "acme.domain", "MultiLineText", translate(configStructureSettings, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".status", new Object[0]), value2, (String) null, translate(configStructureSettings, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".placeholder", new Object[0])));
                set.add(new ConfigProperty(100, "acme.agreement.link", "Link", translate(configStructureSettings, "acme.agreement", new Object[0]), new com.inet.webserver.acme.b().o(), (String) null, (String) null));
                set.add(new BooleanConfigProperty(200, "acme.agreement", translate(configStructureSettings, "acme.agreement.accept", new Object[0]), (String) null, (String) null, "false"));
                return;
            case true:
            case true:
                Comparator comparator = (strArr, strArr2) -> {
                    String str2 = strArr[0];
                    String str3 = strArr2[0];
                    if (str2 == null) {
                        return str3 == null ? 0 : 1;
                    }
                    if (str3 == null) {
                        return -1;
                    }
                    return str2.compareTo(str3);
                };
                ConfigProperty configProperty = new ConfigProperty(0, "", "SimpleText", translate(configStructureSettings, "group.http.header.key", new Object[0]), (Object) null, (String) null, (String) null);
                ConfigProperty configProperty2 = new ConfigProperty(0, "", "SimpleText", translate(configStructureSettings, "group.http.header.value", new Object[0]), (Object) null, (String) null, (String) null);
                ConfigAction[] configActionArr = {new ConfigAction(translate(configStructureSettings, "group.http.header.add", new Object[0]))};
                int[] iArr = {33, 67};
                ConfigKey configKey = "group.header.http".equals(str) ? ConfigKey.HTTP_HEADER_FIELDS : ConfigKey.HTTPS_HEADER_FIELDS;
                List<String[]> a = a(configKey, configStructureSettings);
                Collections.sort(a, comparator);
                addTableTo(set, configKey.getKey(), "", configStructureSettings, a, configActionArr, iArr, new ConfigProperty[]{configProperty, configProperty2});
                return;
            default:
                return;
        }
    }

    @SuppressFBWarnings(value = {"PATH_TRAVERSAL_IN"}, justification = "The path is provided by an adminstrative user.")
    private void a(Set<ConfigProperty> set, ConfigStructureSettings configStructureSettings) {
        String value = configStructureSettings.getValue(ConfigKey.LISTENER_SSL_CERTIFICATE);
        Set<String> of = Set.of();
        if (!StringFunctions.isEmpty(value) && new File(value).isFile()) {
            try {
                of = b(IOFunctions.readBytes(new File(value)));
            } catch (Throwable th) {
            }
        }
        String join = String.join("; ", of);
        if (of.isEmpty()) {
            join = translate(configStructureSettings, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".placeholder", new Object[0]);
        }
        addTo(set, WebConfigKeys.CERTIFICATE_DOMAINS.getKey() + ".status", "KeyLabel", join, configStructureSettings);
    }

    private Set<String> b(byte[] bArr) {
        HashSet hashSet = new HashSet();
        if (bArr == null) {
            return hashSet;
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
            String name = x509Certificate.getSubjectX500Principal().getName();
            int indexOf = name.indexOf("CN=");
            if (indexOf >= 0) {
                name = name.substring(indexOf + 3);
            }
            int indexOf2 = name.indexOf(44);
            if (indexOf2 >= 0) {
                name = name.substring(0, indexOf2);
            }
            hashSet.add(name);
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames != null) {
                Iterator<List<?>> it = subjectAlternativeNames.iterator();
                while (it.hasNext()) {
                    hashSet.add(it.next().get(1).toString());
                }
            }
        } catch (Throwable th) {
            hashSet.add(th.getLocalizedMessage());
        }
        return hashSet;
    }

    @Nonnull
    @SuppressFBWarnings(value = {"SERVLET_SERVER_NAME"}, justification = "server name only used for user data")
    private static String a(@Nonnull ConfigStructureSettings configStructureSettings) throws IllegalStateException {
        String value = configStructureSettings.getValue("hostname");
        if (value == null) {
            HttpServletRequest httpServletRequest = SessionStore.getHttpServletRequest();
            if (httpServletRequest == null) {
                throw new IllegalStateException();
            }
            value = httpServletRequest.getServerName();
            if (value.equalsIgnoreCase("localhost") || value.equals("127.0.0.1") || value.equals("::1")) {
                InetAddress[] availableIPAddresses = ConfigurationManager.getInstance().getAvailableIPAddresses();
                int length = availableIPAddresses.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    String hostName = availableIPAddresses[i].getHostName();
                    if (hostName.length() > 0 && Character.isLetter(hostName.charAt(0))) {
                        value = hostName;
                        break;
                    }
                    i++;
                }
            }
        }
        return value;
    }

    @Nonnull
    private static String b(@Nonnull ConfigStructureSettings configStructureSettings) {
        String value = configStructureSettings.getValue("organization");
        if (value == null) {
            String licensee = configStructureSettings.getLicense().getLicensee();
            if (licensee == null) {
                value = "";
            } else {
                int indexOf = licensee.indexOf(10);
                if (indexOf > 0) {
                    licensee = licensee.substring(0, indexOf);
                }
                value = licensee.trim();
            }
        }
        return value;
    }

    @Nonnull
    private static String c(@Nonnull ConfigStructureSettings configStructureSettings) {
        String value = configStructureSettings.getValue("countryCode");
        if (value == null) {
            value = Locale.getDefault().getCountry();
        }
        return value;
    }

    @Nonnull
    public static String d(@Nonnull ConfigStructureSettings configStructureSettings) {
        String value = configStructureSettings.getValue("targetFolder");
        if (value == null) {
            value = Persistence.isFilePersistence() ? Persistence.getInstance().getPersistenceFolder().resolve(".ssh").toString() : BaseLocator.getBaseDirectory().getPath();
        }
        return value;
    }

    @SuppressFBWarnings(value = {"PATH_TRAVERSAL_IN"}, justification = "Only admin set the directory")
    public void validate(@Nullable String str, @Nonnull ArrayList<ConfigValidationMsg> arrayList, @Nonnull ArrayList<ConfigConditionAction> arrayList2, @Nonnull ConfigStructureSettings configStructureSettings) {
        if (str == null || str.equals("category.webserver")) {
            URL url = null;
            boolean z = false;
            try {
                if (!ConfigurationManager.isRecoveryMode()) {
                    url = new URL(configStructureSettings.getValue(ConfigKey.SERVER_URL));
                    z = PrivateCloudLicenseTimerTask.isKnown(url);
                    PrivateCloudLicenseTimerTask.externalUrlAssignable(url);
                }
            } catch (Throwable th) {
                url = null;
                z = false;
            }
            ConfigValidator configValidator = new ConfigValidator(arrayList, configStructureSettings);
            ConfigKey configKey = null;
            HttpServletRequest httpServletRequest = SessionStore.getHttpServletRequest();
            if (httpServletRequest != null) {
                int localPort = httpServletRequest.getLocalPort();
                configKey = localPort == ListenerSettings.getPlainPort(configStructureSettings.getConfiguration()) ? ConfigKey.LISTENER_PORT : localPort == ListenerSettings.getSslPort(configStructureSettings.getConfiguration()) ? ConfigKey.LISTENER_SSL_PORT : null;
            }
            configValidator.checkNeedRestart(ConfigKey.LISTENER_CONNECTION_TYPE);
            configValidator.checkNeedRestart(ConfigKey.LISTENER_BIND_ADDRESS);
            configValidator.checkNeedRestart(WebConfigKeys.LISTENER_CONTEXT);
            String value = configStructureSettings.getValue(WebConfigKeys.LISTENER_CONTEXT);
            if (StringFunctions.isEmpty(value) || !value.startsWith("/") || (value.length() > 1 && value.endsWith("/"))) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.context", new Object[0]), WebConfigKeys.LISTENER_CONTEXT));
            }
            if (configStructureSettings.getChangedValue(WebConfigKeys.LISTENER_CONTEXT.getKey()) != null) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Confirmation, translate(configStructureSettings, "listener.context.change", new Object[0]), WebConfigKeys.LISTENER_CONTEXT.getKey()));
            }
            String value2 = configStructureSettings.getValue(ConfigKey.LISTENER_CONNECTION_TYPE);
            boolean z2 = -1;
            switch (value2.hashCode()) {
                case -721893260:
                    if (value2.equals(ListenerSettings.CONNECTIONTYPE_PLAIN_AND_SECURE)) {
                        z2 = true;
                        break;
                    }
                    break;
                case 106748362:
                    if (value2.equals(ListenerSettings.CONNECTIONTYPE_PLAIN)) {
                        z2 = false;
                        break;
                    }
                    break;
            }
            switch (z2) {
                case WebConfig.MIN_PORT /* 0 */:
                case true:
                    a(false, configKey, arrayList, configStructureSettings, configValidator);
                    break;
            }
            boolean z3 = -1;
            switch (value2.hashCode()) {
                case -906273929:
                    if (value2.equals(ListenerSettings.CONNECTIONTYPE_SECURE)) {
                        z3 = true;
                        break;
                    }
                    break;
                case -721893260:
                    if (value2.equals(ListenerSettings.CONNECTIONTYPE_PLAIN_AND_SECURE)) {
                        z3 = false;
                        break;
                    }
                    break;
            }
            switch (z3) {
                case WebConfig.MIN_PORT /* 0 */:
                case true:
                    a(true, configKey, arrayList, configStructureSettings, configValidator);
                    a(arrayList, configStructureSettings, false);
                    break;
            }
            configValidator.validateHttpURL(ConfigKey.SERVER_URL);
            configValidator.validateNumberRange(ConfigKey.MAX_CONCURRENT_REQUESTS, 5L, 10000L);
            configValidator.validateNumberRange(ConfigKey.MAX_HTTP_REQUESTS, 3L, 1000L);
            String value3 = configStructureSettings.getValue(WebConfigKeys.MAX_HEAP_MEMORY);
            if (value3 != null && !value3.isEmpty()) {
                configValidator.validateUnitNumberRangeWholeNumbers(WebConfigKeys.MAX_HEAP_MEMORY, 128L, Long.MAX_VALUE, "MB");
            }
            configValidator.checkNeedRestart(WebConfigKeys.MAX_HEAP_MEMORY);
            String value4 = configStructureSettings.getValue(WebConfigKeys.USER_COUNTRY);
            if (!StringFunctions.isEmpty(value4)) {
                try {
                    Currency.getInstance(new Locale("", value4));
                } catch (Exception e) {
                    arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.country", new Object[]{value4}), WebConfigKeys.USER_COUNTRY));
                }
            }
            configValidator.checkNeedRestart(WebConfigKeys.USER_LANGUAGE);
            configValidator.checkNeedRestart(WebConfigKeys.USER_COUNTRY);
            a(ConfigKey.HTTP_HEADER_FIELDS, arrayList, configStructureSettings, configValidator);
            a(ConfigKey.HTTPS_HEADER_FIELDS, arrayList, configStructureSettings, configValidator);
            configValidator.checkNeedRestart(ConfigKey.COOKIE_SAME_SITE);
            if (url != null && arrayList.size() == 0 && !ConfigurationManager.isRecoveryMode()) {
                if (!z) {
                    for (int i = 0; i < 20 && PrivateCloudLicenseTimerTask.externalUrlAssignable(url) != null; i++) {
                        try {
                            Thread.sleep(1L);
                        } catch (InterruptedException e2) {
                            return;
                        }
                    }
                }
                String externalUrlAssignable = PrivateCloudLicenseTimerTask.externalUrlAssignable(url);
                if (externalUrlAssignable != null) {
                    arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Warning, externalUrlAssignable, ConfigKey.SERVER_URL));
                }
            }
        }
        if ("action.webserver.certificate".equals(str)) {
            ConfigValidator configValidator2 = new ConfigValidator(arrayList, configStructureSettings);
            String d = d(configStructureSettings);
            new File(d).mkdirs();
            configValidator2.checkDirectoryExists("targetFolder", d);
        }
        if ("action.webserver.letsencrypt".equals(str)) {
            if (!Boolean.parseBoolean(configStructureSettings.getValue("acme.agreement"))) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "action.webserver.letsencrypt.aggreement.accept", new Object[0]), "acme.agreement"));
            }
            String value5 = configStructureSettings.getValue("acme.domain");
            if (value5 == null || value5.trim().isEmpty()) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "action.webserver.letsencrypt.nodomain", new Object[0]), "acme.domain"));
                return;
            }
            String[] split = value5.split("\\s");
            if (a(split, arrayList, configStructureSettings)) {
                try {
                    new com.inet.webserver.acme.b().a(split, true);
                    e(configStructureSettings);
                } catch (Exception e3) {
                    c.o.debug(e3);
                    arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "action.webserver.letsencrypt.error", new Object[]{StringFunctions.getUserFriendlyErrorMessage(e3)}), "acme.domain"));
                }
            }
        }
    }

    private void a(ConfigKey configKey, ArrayList<ConfigValidationMsg> arrayList, ConfigStructureSettings configStructureSettings, ConfigValidator configValidator) {
        for (String[] strArr : a(configKey, configStructureSettings)) {
            String str = strArr[0];
            String str2 = strArr[1];
            if (str.length() <= 0) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "group.http.header.key.empty", new Object[0]), configKey));
                return;
            }
            if (str.contains(":") || str.contains("\n")) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "group.http.header.key.colonNewLine", new Object[0]), configKey));
                return;
            }
            if (!str.trim().equals(str)) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "group.http.header.key.whitespace", new Object[0]), configKey));
                return;
            }
            if (str2.contains("\r") || str2.contains("\n")) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "group.http.header.value.newLine", new Object[0]), configKey));
                return;
            }
            char[] charArray = (str + str2).toCharArray();
            StringBuilder sb = new StringBuilder();
            for (char c : charArray) {
                if (c < ' ' || c > 127) {
                    sb.append(c);
                }
            }
            if (sb.length() > 0) {
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "group.http.header.allowedCharsRange", new Object[]{sb.toString()}), configKey));
                return;
            }
        }
    }

    protected static List<String[]> a(ConfigKey configKey, ConfigStructureSettings configStructureSettings) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = null;
        try {
            arrayList2 = (ArrayList) configStructureSettings.getChangedValue(configKey, ArrayList.class);
        } catch (JsonException e) {
            arrayList.clear();
        }
        if (arrayList2 == null) {
            try {
                Map map = (Map) new Json().fromJson(configStructureSettings.getValue(configKey), HashMap.class);
                if (map != null) {
                    map.forEach((str, str2) -> {
                        arrayList.add(new String[]{str, str2});
                    });
                }
            } catch (JsonException e2) {
                arrayList.clear();
            }
        } else {
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                ArrayList arrayList3 = (ArrayList) it.next();
                arrayList.add(new String[]{(String) arrayList3.get(0), (String) arrayList3.get(1)});
            }
        }
        return arrayList;
    }

    private void a(boolean z, ConfigKey configKey, ArrayList<ConfigValidationMsg> arrayList, ConfigStructureSettings configStructureSettings, ConfigValidator configValidator) {
        ConfigKey configKey2 = z ? ConfigKey.LISTENER_SSL_PORT : ConfigKey.LISTENER_PORT;
        String value = configStructureSettings.getValue(configKey2);
        String valueOf = String.valueOf(ListenerSettings.getPort(z, configStructureSettings.getConfiguration()));
        if (value.isEmpty()) {
            TempConfiguration tempConfiguration = new TempConfiguration("");
            if (z) {
                tempConfiguration.put(ConfigKey.LISTENER_PORT, configStructureSettings.getConfiguration().get(ConfigKey.LISTENER_PORT));
            }
            value = String.valueOf(ListenerSettings.getPort(z, tempConfiguration));
        } else {
            configValidator.validateNumberRange(configKey2.getKey(), value, 1L, 65535L);
        }
        int size = arrayList.size();
        configValidator.checkNeedRestart(configKey2, value, valueOf);
        if (configKey != configKey2 || size == arrayList.size()) {
            return;
        }
        arrayList.add(size, new ConfigValidationMsg(ConfigValidationMsg.Type.Confirmation, translate(configStructureSettings, "listener.portchange", new Object[0]), configKey2));
    }

    private void a(@Nonnull ArrayList<ConfigValidationMsg> arrayList, @Nonnull ConfigStructureSettings configStructureSettings, boolean z) {
        Certificate b = b(arrayList, configStructureSettings, z);
        RSAPrivateKey a = a(arrayList, configStructureSettings);
        if (b == null || a == null) {
            return;
        }
        try {
            f.a(b, a);
        } catch (Exception e) {
            ConfigValidationMsg.Type type = ConfigValidationMsg.Type.Invalid;
            if (e instanceof ClientMessageException) {
                type = ConfigValidationMsg.Type.Warning;
            }
            arrayList.add(new ConfigValidationMsg(type, StringFunctions.getUserFriendlyErrorMessage(e), ConfigKey.LISTENER_SSL_PRIVATEKEY));
        }
    }

    @Nullable
    private Certificate b(@Nonnull ArrayList<ConfigValidationMsg> arrayList, @Nonnull ConfigStructureSettings configStructureSettings, boolean z) {
        URL q;
        ConfigValidator configValidator = new ConfigValidator(arrayList, configStructureSettings);
        String value = configStructureSettings.getValue(WebConfigKeys.CERTIFICATE_TYPE);
        ConfigKey configKey = null;
        try {
            boolean z2 = -1;
            switch (value.hashCode()) {
                case -1429098067:
                    if (value.equals(WebConfigKeys.LETSENCRYPT_CERTIFICATE)) {
                        z2 = 2;
                        break;
                    }
                    break;
                case 101397:
                    if (value.equals(WebConfigKeys.FIX_FILE_CERTIFICATE)) {
                        z2 = false;
                        break;
                    }
                    break;
                case 642012666:
                    if (value.equals(WebConfigKeys.FIX_UPLOAD_CERTIFICATE)) {
                        z2 = true;
                        break;
                    }
                    break;
            }
            switch (z2) {
                case WebConfig.MIN_PORT /* 0 */:
                    if (!configValidator.checkNotEmpty(ConfigKey.LISTENER_SSL_CERTIFICATE) || !configValidator.checkFileExists(ConfigKey.LISTENER_SSL_CERTIFICATE)) {
                        return null;
                    }
                    q = IOFunctions.getFileURL(configStructureSettings.getValue(ConfigKey.LISTENER_SSL_CERTIFICATE));
                    configKey = ConfigKey.LISTENER_SSL_CERTIFICATE;
                    break;
                    break;
                case true:
                    String changedValue = configStructureSettings.getChangedValue(WebConfigKeys.LISTENER_SSL_CERTIFICATE_UPLOAD.getKey());
                    if (StringFunctions.isEmpty(changedValue)) {
                        changedValue = ((Serializable) Objects.requireNonNullElse(a.t().w(), "")).toString();
                    }
                    q = IOFunctions.getDataUrl("application/ssl-certificate-reader", FileUploadConfigProperty.decodeUploadDataAsBytes(changedValue));
                    configKey = WebConfigKeys.LISTENER_SSL_CERTIFICATE_UPLOAD;
                    break;
                case true:
                    q = com.inet.webserver.acme.b.q();
                    configKey = WebConfigKeys.CERTIFICATE_DOMAINS;
                    if (q == null) {
                        arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.certificate.noLetsencrypt", new Object[]{""}), configKey));
                        return null;
                    }
                    break;
                default:
                    return null;
            }
            try {
                Certificate a = f.a(q, z, arrayList);
                if (a == null) {
                    arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.certificate.notAValidCertificate", new Object[]{""}), configKey));
                }
                return a;
            } catch (CertificateException e) {
                arrayList.add(a(e, configStructureSettings.getLocale(), configKey));
                return null;
            }
        } catch (Throwable th) {
            arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.certificate.notAValidCertificate", new Object[]{StringFunctions.getUserFriendlyErrorMessage(th)}), configKey));
            return null;
        }
    }

    @Nonnull
    public static ConfigValidationMsg a(@Nonnull Exception exc, @Nonnull Locale locale, @Nonnull ConfigKey configKey) {
        String userFriendlyErrorMessage = StringFunctions.getUserFriendlyErrorMessage(exc);
        ConfigValidationMsg.Type type = ConfigValidationMsg.Type.Invalid;
        Throwable th = exc;
        while (true) {
            Throwable th2 = th;
            if (th2 != null && th2.getMessage() != null) {
                String message = th2.getMessage();
                if (message != null) {
                    boolean z = -1;
                    switch (message.hashCode()) {
                        case 1837065606:
                            if (message.equals("unable to find valid certification path to requested target")) {
                                z = false;
                            }
                        default:
                            switch (z) {
                                case WebConfig.MIN_PORT /* 0 */:
                                    userFriendlyErrorMessage = WebServerPlugin.MSG.getMsg("error.validator.certificate.noTrust", new Object[0]);
                                    type = ConfigValidationMsg.Type.Warning;
                                    break;
                            }
                    }
                }
                th = th2.getCause();
            }
        }
        return new ConfigValidationMsg(type, userFriendlyErrorMessage, configKey);
    }

    @Nullable
    private RSAPrivateKey a(@Nonnull ArrayList<ConfigValidationMsg> arrayList, @Nonnull ConfigStructureSettings configStructureSettings) {
        URL r;
        ConfigKey configKey;
        ConfigValidator configValidator = new ConfigValidator(arrayList, configStructureSettings);
        String value = configStructureSettings.getValue(WebConfigKeys.CERTIFICATE_TYPE);
        try {
            boolean z = -1;
            switch (value.hashCode()) {
                case -1429098067:
                    if (value.equals(WebConfigKeys.LETSENCRYPT_CERTIFICATE)) {
                        z = 2;
                        break;
                    }
                    break;
                case 101397:
                    if (value.equals(WebConfigKeys.FIX_FILE_CERTIFICATE)) {
                        z = false;
                        break;
                    }
                    break;
                case 642012666:
                    if (value.equals(WebConfigKeys.FIX_UPLOAD_CERTIFICATE)) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case WebConfig.MIN_PORT /* 0 */:
                    if (!configValidator.checkNotEmpty(ConfigKey.LISTENER_SSL_PRIVATEKEY) || !configValidator.checkFileExists(ConfigKey.LISTENER_SSL_PRIVATEKEY)) {
                        return null;
                    }
                    r = IOFunctions.getFileURL(configStructureSettings.getValue(ConfigKey.LISTENER_SSL_PRIVATEKEY));
                    configKey = ConfigKey.LISTENER_SSL_PRIVATEKEY;
                    break;
                    break;
                case true:
                    String changedValue = configStructureSettings.getChangedValue(WebConfigKeys.LISTENER_SSL_PRIVATEKEY_UPLOAD.getKey());
                    if (StringFunctions.isEmpty(changedValue)) {
                        changedValue = ((Serializable) Objects.requireNonNullElse(a.u().w(), "")).toString();
                    }
                    r = IOFunctions.getDataUrl("application/ssl-certificate-reader", FileUploadConfigProperty.decodeUploadDataAsBytes(changedValue));
                    configKey = WebConfigKeys.LISTENER_SSL_PRIVATEKEY_UPLOAD;
                    break;
                case true:
                    r = com.inet.webserver.acme.b.r();
                    configKey = WebConfigKeys.CERTIFICATE_DOMAINS;
                    if (r == null) {
                        arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.privatekey.noLetsencrypt", new Object[]{""}), configKey));
                        return null;
                    }
                    break;
                default:
                    return null;
            }
            RSAPrivateKey b = f.b(r);
            if (b == null) {
                if ("data".equals(r.getProtocol())) {
                    r = IOFunctions.getDataUrl("application/ssl-certificate-reader", "<redacted>".getBytes());
                }
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.privatekey.notAValidPrivateKey", new Object[]{r}), configKey));
            }
            return b;
        } catch (Throwable th) {
            arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, translate(configStructureSettings, "error.validator.privatekey.notAValidPrivateKey", new Object[]{StringFunctions.getUserFriendlyErrorMessage(th)}), (ConfigKey) null));
            return null;
        }
    }

    @SuppressFBWarnings(value = {"PATH_TRAVERSAL_IN"}, justification = "administrator user input is used")
    public void action(@Nonnull String str, @Nonnull ArrayList<ConfigValidationMsg> arrayList, @Nonnull ConfigStructureSettings configStructureSettings) {
        Properties values = configStructureSettings.getValues();
        boolean z = -1;
        switch (str.hashCode()) {
            case -2119738414:
                if (str.equals("action.webserver.uploaded.certificate.ok")) {
                    z = 2;
                    break;
                }
                break;
            case -355380216:
                if (str.equals("action.webserver.certificate")) {
                    z = false;
                    break;
                }
                break;
            case -37582462:
                if (str.equals("action.webserver.certificate.ok")) {
                    z = 3;
                    break;
                }
                break;
            case 218372524:
                if (str.equals("action.webserver.letsencrypt.ok")) {
                    z = 6;
                    break;
                }
                break;
            case 347463031:
                if (str.equals("action.validate.certificate")) {
                    z = 7;
                    break;
                }
                break;
            case 383132600:
                if (str.equals("action.webserver.uploaded.certificate")) {
                    z = true;
                    break;
                }
                break;
            case 558089246:
                if (str.equals("action.webserver.letsencrypt")) {
                    z = 5;
                    break;
                }
                break;
            case 1130467584:
                if (str.equals("action.webserver.restart")) {
                    z = 4;
                    break;
                }
                break;
        }
        switch (z) {
            case WebConfig.MIN_PORT /* 0 */:
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Popup, "", "action.webserver.certificate"));
                return;
            case true:
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Popup, "", "action.webserver.uploaded.certificate"));
                return;
            case true:
                SSLSelfSignedCertificateGenerator sSLSelfSignedCertificateGenerator = new SSLSelfSignedCertificateGenerator();
                String a = a(configStructureSettings);
                String b = b(configStructureSettings);
                String value = configStructureSettings.getValue("location");
                String c = c(configStructureSettings);
                try {
                    FastByteArrayOutputStream fastByteArrayOutputStream = new FastByteArrayOutputStream();
                    try {
                        FastByteArrayOutputStream fastByteArrayOutputStream2 = new FastByteArrayOutputStream();
                        try {
                            sSLSelfSignedCertificateGenerator.createCertificateAndPrivateKey(fastByteArrayOutputStream, fastByteArrayOutputStream2, a, b, value, c);
                            URL dataUrl = IOFunctions.getDataUrl("application/ssl-certificate-reader", fastByteArrayOutputStream2.toByteArray());
                            URL dataUrl2 = IOFunctions.getDataUrl("application/ssl-certificate-reader", fastByteArrayOutputStream.toByteArray());
                            Objects.requireNonNull(dataUrl);
                            Objects.requireNonNull(dataUrl2);
                            Objects.requireNonNull(values);
                            values.setProperty(WebConfigKeys.LISTENER_SSL_CERTIFICATE_UPLOAD.getKey(), dataUrl.toExternalForm());
                            values.setProperty(WebConfigKeys.LISTENER_SSL_PRIVATEKEY_UPLOAD.getKey(), dataUrl2.toExternalForm());
                            fastByteArrayOutputStream2.close();
                            fastByteArrayOutputStream.close();
                            return;
                        } catch (Throwable th) {
                            try {
                                fastByteArrayOutputStream2.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                            throw th;
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    c.o.error(th3);
                    throw new ClientMessageException(StringFunctions.getUserFriendlyErrorMessage(th3));
                }
            case true:
                SSLSelfSignedCertificateGenerator sSLSelfSignedCertificateGenerator2 = new SSLSelfSignedCertificateGenerator();
                String a2 = a(configStructureSettings);
                String b2 = b(configStructureSettings);
                String value2 = configStructureSettings.getValue("location");
                String c2 = c(configStructureSettings);
                String d = d(configStructureSettings);
                StringBuilder sb = new StringBuilder();
                sb.append(a2);
                if (b2 != null && b2.length() > 0) {
                    sb.append('_').append(b2);
                }
                if (value2 != null && value2.length() > 0) {
                    sb.append('_').append(value2);
                }
                if (c2 != null && c2.length() > 0) {
                    sb.append('_').append(c2);
                }
                String sb2 = sb.toString();
                for (char c3 : " /\\?*:<>|\"".toCharArray()) {
                    sb2 = sb2.replace(c3, '_');
                }
                File file = new File(d, sb2 + ".key");
                File file2 = new File(d, sb2 + ".crt");
                try {
                    FileOutputStream fileOutputStream = new FileOutputStream(file);
                    try {
                        FileOutputStream fileOutputStream2 = new FileOutputStream(file2);
                        try {
                            sSLSelfSignedCertificateGenerator2.createCertificateAndPrivateKey(fileOutputStream, fileOutputStream2, a2, b2, value2, c2);
                            fileOutputStream2.close();
                            fileOutputStream.close();
                            if (values != null) {
                                values.setProperty(ConfigKey.LISTENER_SSL_CERTIFICATE.getKey(), file2.getAbsolutePath());
                                values.setProperty(ConfigKey.LISTENER_SSL_PRIVATEKEY.getKey(), file.getAbsolutePath());
                                return;
                            }
                            return;
                        } catch (Throwable th4) {
                            try {
                                fileOutputStream2.close();
                            } catch (Throwable th5) {
                                th4.addSuppressed(th5);
                            }
                            throw th4;
                        }
                    } finally {
                    }
                } catch (Throwable th6) {
                    c.o.error(th6);
                    file.delete();
                    file2.delete();
                    throw new ClientMessageException(StringFunctions.getUserFriendlyErrorMessage(th6));
                }
            case true:
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.AskRestart, translate(configStructureSettings, "action.webserver.restart.msg", new Object[0]), (String) null));
                return;
            case true:
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Popup, "", "action.webserver.letsencrypt"));
                return;
            case true:
                String value3 = configStructureSettings.getValue("acme.domain");
                if (value3 == null || value3.trim().isEmpty()) {
                    return;
                }
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Valid, translate(configStructureSettings, "action.webserver.letsencrypt.success", new Object[0]), "acme.domain"));
                if (values != null) {
                    values.setProperty(WebConfigKeys.CERTIFICATE_DOMAINS.getKey(), value3);
                    return;
                }
                return;
            case true:
                a(arrayList, configStructureSettings, true);
                if (arrayList.size() == 0) {
                    arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Valid, translate(configStructureSettings, "action.validate.success", new Object[0]), "action.validate.certificate"));
                    return;
                }
                return;
            default:
                return;
        }
    }

    private void e(@Nonnull ConfigStructureSettings configStructureSettings) {
        if (ServerPluginManager.getInstance().isPluginLoaded("taskplanner")) {
            TaskPlanner taskPlanner = TaskPlanner.getInstance();
            Iterator it = taskPlanner.getAllTaskIDs().iterator();
            while (it.hasNext()) {
                TaskDefinition taskDefinition = taskPlanner.getTaskDefinition((GUID) it.next());
                if (taskDefinition != null) {
                    Iterator it2 = taskDefinition.getJobs().iterator();
                    while (it2.hasNext()) {
                        if ("job.acme".equals(((JobDefinition) it2.next()).getExtensionName())) {
                            return;
                        }
                    }
                }
            }
            TaskDefinition taskDefinition2 = new TaskDefinition(translate(configStructureSettings, WebConfigKeys.LETSENCRYPT_CERTIFICATE, new Object[0]));
            taskDefinition2.addTrigger(new TimeTriggerBuilder().withHourAndMinute(3, 0).withRepeating(RepeatInterval.MONTHLY).create());
            taskDefinition2.addJob(new JobDefinition("job.acme"));
            TaskPlannerForUsers.getInstance().addTask(taskDefinition2);
        }
    }

    private void a(@Nonnull ConfigStructureSettings configStructureSettings, File... fileArr) {
        if (SystemPermissionChecker.checkAccess(TaskPlanner.PERMISSION_TASKPLANNER)) {
            TaskPlanner taskPlanner = TaskPlanner.getInstance();
            TaskDefinition taskDefinition = null;
            GUID guid = null;
            for (GUID guid2 : taskPlanner.getAllTaskIDs()) {
                TaskDefinition taskDefinition2 = taskPlanner.getTaskDefinition(guid2);
                if (taskDefinition2 != null) {
                    Iterator it = taskDefinition2.getJobs().iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if ("job.SSLReload".equals(((JobDefinition) it.next()).getExtensionName())) {
                            taskDefinition = taskDefinition2;
                            guid = guid2;
                            for (TriggerDefinition triggerDefinition : new ArrayList(taskDefinition.getTriggers())) {
                                if ("trigger.filechange".equals(triggerDefinition.getExtensionName())) {
                                    taskDefinition.removeTrigger(triggerDefinition);
                                }
                            }
                            TaskPlannerForUsers.getInstance().updateTask(guid, taskDefinition);
                        }
                    }
                }
            }
            if (taskDefinition == null) {
                taskDefinition = new TaskDefinition(translate(configStructureSettings, WebConfigKeys.FIX_FILE_CERTIFICATE, new Object[0]));
                taskDefinition.addJob(new JobDefinition("job.SSLReload"));
                guid = TaskPlannerForUsers.getInstance().addTask(taskDefinition);
            }
            if (guid == null) {
                return;
            }
            boolean z = false;
            for (File file : fileArr) {
                if (file != null && !file.getPath().isEmpty()) {
                    taskDefinition.addTrigger(FileChangeTriggerBuilder.createForFile(file.getPath()));
                    z = true;
                }
            }
            if (z) {
                TaskPlannerForUsers.getInstance().updateTask(guid, taskDefinition);
            } else {
                TaskPlannerForUsers.getInstance().removeTask(guid);
            }
        }
    }

    @SuppressFBWarnings(value = {"PATH_TRAVERSAL_IN"}, justification = "only administrator input is used")
    public ConfigStructure.SaveState save(String str, String str2, @Nonnull ConfigStructureSettings configStructureSettings) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -2128610033:
                if (str.equals("listener.header.http")) {
                    z = 5;
                    break;
                }
                break;
            case -1562401468:
                if (str.equals("listener.header.https")) {
                    z = 6;
                    break;
                }
                break;
            case -1453597417:
                if (str.equals("listener.ssl.privatekey.upload")) {
                    z = 3;
                    break;
                }
                break;
            case -274808965:
                if (str.equals("listener.ssl.certificate")) {
                    z = false;
                    break;
                }
                break;
            case -197447892:
                if (str.equals("serverURL")) {
                    z = 4;
                    break;
                }
                break;
            case 464495572:
                if (str.equals("listener.ssl.certificate.upload")) {
                    z = 2;
                    break;
                }
                break;
            case 1202513016:
                if (str.equals("listener.ssl.redirect")) {
                    z = 7;
                    break;
                }
                break;
            case 1238703000:
                if (str.equals("listener.ssl.privatekey")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case WebConfig.MIN_PORT /* 0 */:
            case true:
                File file = new File(configStructureSettings.getValue(ConfigKey.LISTENER_SSL_CERTIFICATE));
                File file2 = new File(configStructureSettings.getValue(ConfigKey.LISTENER_SSL_PRIVATEKEY));
                if (ServerPluginManager.getInstance().isPluginLoaded("taskplanner")) {
                    a(configStructureSettings, file, file2);
                }
                try {
                    if (file.exists() && file2.exists()) {
                        com.inet.webserver.b.a(new f(IOFunctions.getFileURL(file), IOFunctions.getFileURL(file2)));
                    }
                    break;
                } catch (Exception e) {
                    c.o.error(e);
                    break;
                }
                break;
            case true:
            case true:
                try {
                    byte[] decodeUploadDataAsBytes = FileUploadConfigProperty.decodeUploadDataAsBytes(configStructureSettings.getValue(WebConfigKeys.LISTENER_SSL_CERTIFICATE_UPLOAD));
                    byte[] decodeUploadDataAsBytes2 = FileUploadConfigProperty.decodeUploadDataAsBytes(configStructureSettings.getValue(WebConfigKeys.LISTENER_SSL_PRIVATEKEY_UPLOAD));
                    a u = a.u();
                    a t = a.t();
                    u.a(decodeUploadDataAsBytes2);
                    t.a(decodeUploadDataAsBytes);
                    com.inet.webserver.b.a(new f(t.w(), u.w()));
                } catch (Exception e2) {
                    c.o.error(e2);
                }
                return ConfigStructure.SaveState.SAVE;
            case true:
                if (Objects.equals(str2, ConfigKey.SERVER_URL.getDefault())) {
                    str2 = null;
                }
                configStructureSettings.save(ConfigKey.SERVER_URL, str2);
                return ConfigStructure.SaveState.SAVE;
            case true:
            case true:
                Json json = new Json();
                List<List> list = (List) json.fromJson(str2, ArrayList.class);
                HashMap hashMap = new HashMap();
                if (list != null) {
                    for (List list2 : list) {
                        if (list2.size() == 2) {
                            hashMap.put((String) list2.get(0), (String) list2.get(1));
                        }
                    }
                }
                configStructureSettings.save(str, json.toJson(hashMap));
                return ConfigStructure.SaveState.SAVE;
            case true:
                configStructureSettings.save(ConfigKey.LISTENER_SSL_REDIRECT, str2);
                return ConfigStructure.SaveState.RELOAD;
        }
        return super.save(str, str2, configStructureSettings);
    }

    @SuppressFBWarnings(value = {"URLCONNECTION_SSRF_FD"}, justification = "Only admin input is used")
    private boolean a(String[] strArr, @Nonnull ArrayList<ConfigValidationMsg> arrayList, @Nonnull ConfigStructureSettings configStructureSettings) {
        int i;
        byte[] readBytes;
        String str = strArr.hashCode();
        byte[] bytes = (configStructureSettings.hashCode()).getBytes();
        com.inet.webserver.acme.a.a(str, bytes);
        StringBuilder sb = null;
        int size = arrayList.size();
        int length = strArr.length;
        for (0; i < length; i + 1) {
            String str2 = strArr[i];
            try {
                try {
                    readBytes = IOFunctions.getFileBuffer(new URL("http://" + str2 + "/.well-known/acme-challenge/" + str));
                } catch (IOException e) {
                    URLConnection openConnection = new URL("https://" + str2 + "/.well-known/acme-challenge/" + str).openConnection();
                    TrustAllTrustManager.trustAllCerticates(openConnection, false);
                    InputStream inputStream = openConnection.getInputStream();
                    try {
                        readBytes = IOFunctions.readBytes(inputStream);
                        if (inputStream != null) {
                            inputStream.close();
                        }
                    } catch (Throwable th) {
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                        break;
                    }
                }
            } catch (IOException e2) {
                c.o.debug(e2);
                str2 = str2 + " (error: " + StringFunctions.getUserFriendlyErrorMessage(e2) + ")";
            } catch (Throwable th3) {
                c.o.debug(th3);
                arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, StringFunctions.getUserFriendlyErrorMessage(th3), "acme.domain"));
            }
            i = Arrays.equals(readBytes, bytes) ? i + 1 : 0;
            if (sb == null) {
                sb = new StringBuilder();
            } else {
                sb.append(", ");
            }
            sb.append(str2);
        }
        if (sb != null) {
            arrayList.add(new ConfigValidationMsg(ConfigValidationMsg.Type.Invalid, "The following hosts are not listening on port 80 or 443: " + String.valueOf(sb), "acme.domain"));
        }
        com.inet.webserver.acme.a.e(str);
        return size - arrayList.size() == 0;
    }

    private static boolean f(@Nonnull ConfigStructureSettings configStructureSettings) {
        return configStructureSettings.isFilter() || configStructureSettings.isFilter() || WebConfigKeys.LETSENCRYPT_CERTIFICATE.equals(configStructureSettings.getValue(WebConfigKeys.CERTIFICATE_TYPE)) || new com.inet.webserver.acme.b().isAvailable();
    }
}
