package com.maverick.sshd;

import com.sshtools.net.CIDRNetwork;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/maverick/sshd/IPPolicy.class */
public class IPPolicy extends Permissions {
    static Logger log = LoggerFactory.getLogger(IPPolicy.class);
    static final int ALLOW_CONNECT = 1;
    List<CIDRNetwork> blacklist = new ArrayList();
    List<CIDRNetwork> whitelist = new ArrayList();

    public IPPolicy() {
        add(1);
    }

    protected boolean assertConnection(SocketAddress socketAddress, SocketAddress socketAddress2) {
        if (check(1)) {
            return assertAllowed(socketAddress, socketAddress2);
        }
        return false;
    }

    protected boolean assertAllowed(SocketAddress socketAddress, SocketAddress socketAddress2) {
        boolean z = true;
        InetAddress address = ((InetSocketAddress) socketAddress).getAddress();
        String hostString = address == null ? ((InetSocketAddress) socketAddress).getHostString() : address.getHostAddress();
        if (!this.whitelist.isEmpty()) {
            z = isListed(hostString, this.whitelist);
        }
        boolean isListed = isListed(hostString, this.blacklist);
        if (log.isTraceEnabled()) {
            log.trace("{} is {} by IP policy", socketAddress.toString(), (!z || isListed) ? "denied" : "allowed");
        }
        return z && !isListed;
    }

    protected boolean isListed(String str, List<CIDRNetwork> list) {
        Iterator<CIDRNetwork> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().isValidAddressForNetwork(str)) {
                return true;
            }
        }
        return false;
    }

    public final boolean checkConnection(SocketAddress socketAddress, SocketAddress socketAddress2) {
        return assertConnection(socketAddress, socketAddress2);
    }

    public void stopAcceptingConnections() {
        if (log.isInfoEnabled()) {
            log.info("Stop accepting connections on IP Policy");
        }
        remove(1);
    }

    public void startAcceptingConnections() {
        if (log.isInfoEnabled()) {
            log.info("Start accepting connections on IP Policy");
        }
        add(1);
    }

    public void blacklist(String str) {
        this.blacklist.add(new CIDRNetwork(str));
    }

    public void whitelist(String str) {
        this.whitelist.add(new CIDRNetwork(str));
    }
}
