package com.ibm.tivoli.transperf.commonui.util;

import com.ibm.tivoli.logging.jflt.IExtendedLogger;
import com.ibm.tivoli.logging.jflt.LogLevel;
import com.ibm.tivoli.transperf.logging.util.LogUtil;
import com.ibm.tivoli.transperf.ui.policy.JobWorkflowTask;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.MissingResourceException;
import java.util.ResourceBundle;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/ibm/tivoli/transperf/commonui/util/FileTransfer.class */
public class FileTransfer extends HttpServlet {
    protected ServletConfig servletConfig;
    private ClassLoader callerClassLoader;
    public static final String COPYRIGHT = "OCO Source Materials\n\nLicensed Materials - Property of IBM\n\n5724-C02\n\n(C) Copyright IBM Corp. 2003  All Rights Reserved.\n\nUS Government Users Restricted Rights - Use, duplication or\ndisclosure restricted by GSA ADP Schedule Contract with IBM Corp.\n";
    private static final String TMTP_BASE_DIR_PROP = "tmtp.base.dir";
    private static final String SERVER_BUNDLE = "server";
    private static final String CLASS_NAME = "FileTransfer";
    protected static int fileTransferBufferSize = 32767;
    private static IExtendedLogger logger = LogUtil.getTraceLogger("BWM.trc.core.services.sm");
    private static final MIMETranslator mime = new MIMETranslator();
    protected static String managementServerBaseDir = getBaseDirectory();

    public void init(ServletConfig servletConfig) throws ServletException {
        if (logger.isLogging(LogLevel.DEBUG_MIN)) {
            logger.entry(LogLevel.DEBUG_MIN, CLASS_NAME, "init(ServletConfig)", new Object[]{servletConfig});
        }
        this.servletConfig = servletConfig;
        if (logger.isLogging(LogLevel.DEBUG_MIN)) {
            logger.log(LogLevel.DEBUG_MIN, CLASS_NAME, "init(ServletConfig)", new StringBuffer().append("Management Server Path: ").append(managementServerBaseDir).toString());
        }
        if (logger.isLogging(LogLevel.DEBUG_MIN)) {
            logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "init(ServletConfig)");
        }
    }

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (logger.isLogging(LogLevel.DEBUG_MIN)) {
            logger.entry(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", new Object[]{httpServletRequest, httpServletResponse});
        }
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        String requestURI = httpServletRequest.getRequestURI();
        String str = "";
        String servletName = this.servletConfig.getServletName();
        int indexOf = requestURI.indexOf(servletName);
        String property = System.getProperty("file.separator");
        if (indexOf > 0) {
            if (indexOf + servletName.length() == requestURI.length()) {
                httpServletResponse.setContentType("text/html");
                httpServletResponse.sendError(403, "URI must reference a file.");
                if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                    logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", "URI must reference a file.");
                    return;
                }
                return;
            }
            String substring = requestURI.substring(indexOf + servletName.length() + 1);
            str = new StringBuffer().append(property).append(substring).toString();
            if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                logger.log(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", new StringBuffer().append("Pathcheck = |").append(substring).append("|").toString());
            }
            boolean z = true;
            String str2 = "Path is not allowed. Relative path must be ";
            String lowerCase = substring.toLowerCase();
            if (lowerCase.startsWith(new StringBuffer().append("apps/data/").append("STI".toLowerCase()).toString()) || lowerCase.startsWith(new StringBuffer().append("apps/data/").append("QOS".toLowerCase()).toString()) || lowerCase.startsWith(new StringBuffer().append("apps/data/").append(JobWorkflowTask.TYPE_GENWIN.toLowerCase()).toString()) || lowerCase.startsWith(new StringBuffer().append("apps/data/").append("J2EE".toLowerCase()).toString()) || lowerCase.startsWith("downloads/")) {
                z = false;
            } else {
                str2 = new StringBuffer().append(new StringBuffer().append(new StringBuffer().append(new StringBuffer().append(new StringBuffer().append(str2).append("apps/data/").append("STI".toLowerCase()).toString()).append("apps/data/").append("QOS".toLowerCase()).toString()).append("apps/data/").append(JobWorkflowTask.TYPE_GENWIN.toLowerCase()).toString()).append("apps/data/").append("J2EE".toLowerCase()).toString()).append("downloads/").toString();
            }
            if (z && logger.isLogging(LogLevel.DEBUG_MIN)) {
                logger.log(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", new StringBuffer().append("Requested path: ").append(lowerCase).append(" is a forbidden path").toString());
            }
            if (str.indexOf("/..") > 0) {
                z = true;
                str2 = ".. is not allowed in the path.";
            }
            if (str.indexOf("\\..") > 0) {
                z = true;
                str2 = ".. is not allowed in the path.";
            }
            if (z) {
                httpServletResponse.setContentType("text/html");
                httpServletResponse.sendError(403, str2);
                if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                    logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", str2);
                    return;
                }
                return;
            }
        }
        File file = new File(updateFileSeparators(new StringBuffer().append(managementServerBaseDir).append(str).toString()));
        if (logger.isLogging(LogLevel.DEBUG_MIN)) {
            logger.log(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", new StringBuffer().append("File to look for = ").append(file.getAbsolutePath()).toString());
        }
        if (!file.exists()) {
            httpServletResponse.sendError(404);
            if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)");
                return;
            }
            return;
        }
        if (!file.isFile()) {
            httpServletResponse.setContentType("text/html");
            httpServletResponse.sendError(403, "URI must be a file.");
            if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)");
                return;
            }
            return;
        }
        if (!file.canRead()) {
            httpServletResponse.setContentType("text/html");
            httpServletResponse.sendError(403, "Requested File is not readable.");
            if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)");
                return;
            }
            return;
        }
        try {
            new FileReader(file).close();
            if (logger.isLogging(LogLevel.DEBUG_MAX)) {
                logger.log(LogLevel.DEBUG_MAX, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", new StringBuffer().append("Fullpath = ").append(file.getCanonicalPath()).toString());
            }
            try {
                FileInputStream fileInputStream = new FileInputStream(file);
                byte[] bArr = new byte[fileTransferBufferSize];
                httpServletResponse.setContentType(mime.getMIMETypeforFilename(requestURI));
                while (fileInputStream.available() > 0) {
                    int read = fileInputStream.read(bArr);
                    if (read != -1) {
                        outputStream.write(bArr, 0, read);
                    }
                }
                fileInputStream.close();
            } catch (Exception e) {
                httpServletResponse.sendError(404);
                if (logger.isLogging(LogLevel.DEBUG_MAX)) {
                    logger.log(LogLevel.DEBUG_MAX, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", new StringBuffer().append("An exception occurred while reading ").append(str).append(e.getMessage()).toString());
                }
                StringWriter stringWriter = new StringWriter();
                e.printStackTrace(new PrintWriter(stringWriter));
                if (logger.isLogging(LogLevel.DEBUG_MAX)) {
                    logger.log(LogLevel.DEBUG_MAX, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)", stringWriter.toString());
                }
            }
            if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)");
            }
        } catch (FileNotFoundException e2) {
            httpServletResponse.setContentType("text/html");
            httpServletResponse.sendError(403, "File is not readable.");
            if (logger.isLogging(LogLevel.DEBUG_MIN)) {
                logger.exit(LogLevel.DEBUG_MIN, CLASS_NAME, "doGet(HttpServletRequest, HttpServletResponse)");
            }
        }
    }

    private static String getBaseDirectory() {
        if (logger.isLogging(LogLevel.DEBUG_MAX)) {
            logger.entry(LogLevel.DEBUG_MAX, CLASS_NAME, "getBaseDirectory()");
        }
        String property = System.getProperty(TMTP_BASE_DIR_PROP);
        if (property == null) {
            if (logger.isLogging(LogLevel.DEBUG_MAX)) {
                logger.log(LogLevel.DEBUG_MAX, CLASS_NAME, "getBaseDirectory()", new StringBuffer().append("System Property: ").append(TMTP_BASE_DIR_PROP).append(" not defined, trying to load: ").append(SERVER_BUNDLE).append(".properties file").toString());
            }
            try {
                ResourceBundle bundle = ResourceBundle.getBundle(SERVER_BUNDLE);
                if (bundle != null) {
                    property = bundle.getString(TMTP_BASE_DIR_PROP);
                } else if (logger.isLogging(LogLevel.DEBUG_MAX)) {
                    logger.log(LogLevel.DEBUG_MAX, CLASS_NAME, "getBaseDirectory()", new StringBuffer().append("Cannot access the resource bundle ").append(SERVER_BUNDLE).toString());
                }
            } catch (MissingResourceException e) {
                if (logger.isLogging(LogLevel.DEBUG_MAX)) {
                    logger.log(LogLevel.DEBUG_MAX, CLASS_NAME, "getBaseDirectory()", new StringBuffer().append("An exception while accessing the resource bundle ").append(SERVER_BUNDLE).append(".properties ").append(e.getMessage()).toString());
                }
            }
        }
        if (property == null) {
            if (logger.isLogging(LogLevel.DEBUG_MAX)) {
                logger.log(LogLevel.DEBUG_MAX, CLASS_NAME, "getBaseDirectory()", new StringBuffer().append("Couldn't load: ").append(SERVER_BUNDLE).append(".properties file, trying to use user.dir property").toString());
            }
            property = System.getProperty("user.dir");
        }
        if (logger.isLogging(LogLevel.INFO)) {
            logger.log(LogLevel.INFO, CLASS_NAME, "getBaseDirectory()", new StringBuffer().append("Base Directory used by FileTransfer Servlet is: ").append(property).toString());
        }
        if (logger.isLogging(LogLevel.DEBUG_MAX)) {
            logger.exit(LogLevel.DEBUG_MAX, CLASS_NAME, "getBaseDirectory()");
        }
        return property;
    }

    private static String updateFileSeparators(String str) {
        StringBuffer stringBuffer = new StringBuffer(str);
        int length = str.length();
        for (int i = 0; i < length; i++) {
            if (stringBuffer.charAt(i) == '/') {
                stringBuffer.setCharAt(i, File.separatorChar);
            }
        }
        return new String(stringBuffer);
    }
}
