package org.elasticsearch.bootstrap;

import com.carrotsearch.randomizedtesting.RandomizedRunner;
import com.carrotsearch.randomizedtesting.RandomizedTest;
import java.io.FilePermission;
import java.io.InputStream;
import java.net.SocketPermission;
import java.net.URL;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.security.Permission;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import org.apache.log4j.Java9Hack;
import org.apache.lucene.util.Constants;
import org.apache.lucene.util.LuceneTestCase;
import org.elasticsearch.SecureSM;
import org.elasticsearch.common.Strings;
import org.elasticsearch.common.SuppressForbidden;
import org.elasticsearch.common.io.PathUtils;
import org.junit.Assert;

/* loaded from: input_file:org/elasticsearch/bootstrap/BootstrapForTesting.class */
public class BootstrapForTesting {
    @SuppressForbidden(reason = "accesses fully qualified URLs to configure security")
    static Map<String, Policy> getPluginPermissions() throws Exception {
        ArrayList list = Collections.list(BootstrapForTesting.class.getClassLoader().getResources("plugin-security.policy"));
        if (list.isEmpty()) {
            return Collections.emptyMap();
        }
        HashSet hashSet = new HashSet(Arrays.asList(parseClassPathWithSymlinks()));
        hashSet.removeAll(new HashSet(Arrays.asList(Bootstrap.class.getProtectionDomain().getCodeSource().getLocation(), BootstrapForTesting.class.getProtectionDomain().getCodeSource().getLocation(), LuceneTestCase.class.getProtectionDomain().getCodeSource().getLocation(), RandomizedRunner.class.getProtectionDomain().getCodeSource().getLocation(), Assert.class.getProtectionDomain().getCodeSource().getLocation())));
        final ArrayList arrayList = new ArrayList();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(Security.readPolicy((URL) it.next(), (URL[]) hashSet.toArray(new URL[hashSet.size()])));
        }
        HashMap hashMap = new HashMap();
        Iterator it2 = hashSet.iterator();
        while (it2.hasNext()) {
            hashMap.put(((URL) it2.next()).getFile(), new Policy() { // from class: org.elasticsearch.bootstrap.BootstrapForTesting.2
                @Override // java.security.Policy
                public boolean implies(ProtectionDomain protectionDomain, Permission permission) {
                    Iterator it3 = arrayList.iterator();
                    while (it3.hasNext()) {
                        if (((Policy) it3.next()).implies(protectionDomain, permission)) {
                            return true;
                        }
                    }
                    return false;
                }
            });
        }
        return Collections.unmodifiableMap(hashMap);
    }

    @SuppressForbidden(reason = "does evil stuff with paths and urls because devs and jenkins do evil stuff with paths and urls")
    static URL[] parseClassPathWithSymlinks() throws Exception {
        URL[] parseClassPath = JarHell.parseClassPath();
        for (int i = 0; i < parseClassPath.length; i++) {
            parseClassPath[i] = PathUtils.get(parseClassPath[i].toURI()).toRealPath(new LinkOption[0]).toUri().toURL();
        }
        return parseClassPath;
    }

    public static void ensureInitialized() {
    }

    static {
        Path path = PathUtils.get((String) Objects.requireNonNull(System.getProperty("java.io.tmpdir"), "please set ${java.io.tmpdir} in pom.xml"), new String[0]);
        try {
            Security.ensureDirectoryExists(path);
            Bootstrap.initializeNatives(path, true, true, true);
            Bootstrap.initializeProbes();
            BootstrapInfo.getSystemProperties();
            try {
                JarHell.checkJarHell();
                if (Constants.JRE_IS_MINIMUM_JAVA9) {
                    Java9Hack.fixLog4j();
                }
                if (RandomizedTest.systemPropertyAsBoolean("tests.security.manager", true)) {
                    try {
                        Permissions permissions = new Permissions();
                        Security.addClasspathPermissions(permissions);
                        for (URL url : JarHell.parseClassPath()) {
                            Path path2 = PathUtils.get(url.toURI());
                            String path3 = path2.getFileName().toString();
                            if (path3.contains("jython") && path3.endsWith(".jar")) {
                                permissions.add(new FilePermission(path2.getParent().toString(), "read,readlink"));
                                permissions.add(new FilePermission(path2.getParent().resolve("Lib").toString(), "read,readlink"));
                            }
                        }
                        Security.addPath(permissions, "java.io.tmpdir", path, "read,readlink,write,delete");
                        if (Strings.hasLength(System.getProperty("tests.config"))) {
                            permissions.add(new FilePermission(System.getProperty("tests.config"), "read,readlink"));
                        }
                        if (Boolean.getBoolean("tests.coverage")) {
                            Path path4 = PathUtils.get(System.getProperty("tests.coverage.dir"), new String[0]);
                            permissions.add(new FilePermission(path4.resolve("jacoco.exec").toString(), "read,write"));
                            permissions.add(new FilePermission(path4.resolve("jacoco-it.exec").toString(), "read,write"));
                        }
                        if (System.getProperty("tests.gradle") == null) {
                            permissions.add(new RuntimePermission("setIO"));
                        }
                        permissions.add(new SocketPermission("localhost:0", "listen,resolve"));
                        permissions.add(new SocketPermission("localhost:1024-", "listen,resolve"));
                        final Policy readPolicy = Security.readPolicy(Bootstrap.class.getResource("test-framework.policy"), JarHell.parseClassPath());
                        final ESPolicy eSPolicy = new ESPolicy(permissions, getPluginPermissions(), true);
                        Policy.setPolicy(new Policy() { // from class: org.elasticsearch.bootstrap.BootstrapForTesting.1
                            @Override // java.security.Policy
                            public boolean implies(ProtectionDomain protectionDomain, Permission permission) {
                                return eSPolicy.implies(protectionDomain, permission) || readPolicy.implies(protectionDomain, permission);
                            }
                        });
                        System.setSecurityManager(new SecureSM(true));
                        Security.selfTest();
                        Iterator it = Collections.list(BootstrapForTesting.class.getClassLoader().getResources("plugin-descriptor.properties")).iterator();
                        while (it.hasNext()) {
                            URL url2 = (URL) it.next();
                            Properties properties = new Properties();
                            InputStream openStream = url2.openStream();
                            Throwable th = null;
                            try {
                                try {
                                    properties.load(openStream);
                                    if (openStream != null) {
                                        if (0 != 0) {
                                            try {
                                                openStream.close();
                                            } catch (Throwable th2) {
                                                th.addSuppressed(th2);
                                            }
                                        } else {
                                            openStream.close();
                                        }
                                    }
                                    String property = properties.getProperty("classname");
                                    if (property != null) {
                                        Class.forName(property);
                                    }
                                } catch (Throwable th3) {
                                    th = th3;
                                    throw th3;
                                }
                            } catch (Throwable th4) {
                                if (openStream != null) {
                                    if (th != null) {
                                        try {
                                            openStream.close();
                                        } catch (Throwable th5) {
                                            th.addSuppressed(th5);
                                        }
                                    } else {
                                        openStream.close();
                                    }
                                }
                                throw th4;
                            }
                        }
                    } catch (Exception e) {
                        throw new RuntimeException("unable to install test security manager", e);
                    }
                }
            } catch (Exception e2) {
                throw new RuntimeException("found jar hell in test classpath", e2);
            }
        } catch (Exception e3) {
            throw new RuntimeException("unable to create test temp directory", e3);
        }
    }
}
