package net.lukemurphey.nsia.scan;

import java.io.UnsupportedEncodingException;
import java.lang.Thread;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.Date;
import java.util.Iterator;
import java.util.Vector;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.regex.Pattern;
import net.lukemurphey.nsia.Application;
import net.lukemurphey.nsia.InputValidationException;
import net.lukemurphey.nsia.NoDatabaseConnectionException;
import net.lukemurphey.nsia.NotFoundException;
import net.lukemurphey.nsia.Wildcard;
import net.lukemurphey.nsia.WorkerThread;
import net.lukemurphey.nsia.eventlog.EventLogField;
import net.lukemurphey.nsia.eventlog.EventLogMessage;
import net.lukemurphey.nsia.scan.DefinitionPolicyDescriptor;
import net.lukemurphey.nsia.scan.HttpDefinitionScanRule;
import net.lukemurphey.nsia.scan.ScanRule;
import org.apache.commons.httpclient.HttpClient;
import org.htmlparser.Parser;
import org.htmlparser.Tag;
import org.htmlparser.Text;
import org.htmlparser.filters.TagNameFilter;
import org.htmlparser.util.NodeList;
import org.htmlparser.util.ParserException;
import org.htmlparser.visitors.NodeVisitor;

/* loaded from: input_file:net/lukemurphey/nsia/scan/HttpSeekingScanRule.class */
public class HttpSeekingScanRule extends ScanRule implements WorkerThread {
    private Vector<URL> seedUrls;
    private Wildcard restrictToDomain;
    private boolean scanExternalLinks;
    private int scanCountLimit;
    private int recursionLevels;
    private static final int DEPTH_LIMIT = 100;
    private static final int SCAN_LIMIT = 50000;
    private int resourcesScanned;
    private boolean terminate;
    private boolean inScan;
    private String currentlyScanning;
    private HttpSeekingScanResult lastScanResult;
    private Exception exceptionThrown;
    private boolean stopRecursingOn404;
    Vector<ScanRunner> runningThreads;
    int maxScanThreads;
    public static final String RULE_TYPE = "HTTP/Autodiscovery";
    public static final int SUBCATEGORY_EXCEPTION_THRESHOLD = 5;

    /* loaded from: input_file:net/lukemurphey/nsia/scan/HttpSeekingScanRule$Finding.class */
    public static class Finding {
        private URL url;
        private DefinitionMatch[] signatureMatches;
        private long scanRuleId;
        private FindingResult findingResult;

        public Finding(URL url, DefinitionMatch[] definitionMatchArr, long j, FindingResult findingResult) {
            this.url = url;
            this.signatureMatches = new DefinitionMatch[definitionMatchArr.length];
            System.arraycopy(definitionMatchArr, 0, this.signatureMatches, 0, definitionMatchArr.length);
            this.scanRuleId = j;
            this.findingResult = findingResult;
        }

        public Finding(URL url, Vector<DefinitionMatch> vector, long j, FindingResult findingResult) {
            this.url = url;
            this.signatureMatches = new DefinitionMatch[vector.size()];
            vector.toArray(this.signatureMatches);
            this.scanRuleId = j;
            this.findingResult = findingResult;
        }

        public Finding(URL url, long j, FindingResult findingResult) {
            this(url, (Vector<DefinitionMatch>) new Vector(), j, findingResult);
        }

        public URL getUrl() {
            return this.url;
        }

        public FindingResult result() {
            return this.findingResult;
        }

        public DefinitionMatch[] getSignatureMatches() {
            DefinitionMatch[] definitionMatchArr = new DefinitionMatch[this.signatureMatches.length];
            System.arraycopy(this.signatureMatches, 0, definitionMatchArr, 0, this.signatureMatches.length);
            return definitionMatchArr;
        }

        public long getScanRuleID() {
            return this.scanRuleId;
        }
    }

    /* loaded from: input_file:net/lukemurphey/nsia/scan/HttpSeekingScanRule$FindingResult.class */
    public enum FindingResult {
        PARSE_FAILED,
        CONNECTION_FAILED,
        NOT_FOUND,
        PASSED,
        DEVIATIONS_DETECTED,
        URI_INVALID;

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static FindingResult[] valuesCustom() {
            FindingResult[] valuesCustom = values();
            int length = valuesCustom.length;
            FindingResult[] findingResultArr = new FindingResult[length];
            System.arraycopy(valuesCustom, 0, findingResultArr, 0, length);
            return findingResultArr;
        }
    }

    /* loaded from: input_file:net/lukemurphey/nsia/scan/HttpSeekingScanRule$LinkExtractionVisitor.class */
    public static class LinkExtractionVisitor extends NodeVisitor {
        private URL parentURL;
        private Vector<URL> urls;
        private int nodes;

        public LinkExtractionVisitor(URL url) {
            this.urls = new Vector<>();
            this.nodes = 0;
            if (url == null) {
                throw new IllegalArgumentException("The parent URL cannot be null");
            }
            this.parentURL = url;
        }

        public LinkExtractionVisitor(URL url, boolean z) {
            super(z);
            this.urls = new Vector<>();
            this.nodes = 0;
            if (url == null) {
                throw new IllegalArgumentException("The parent URL cannot be null");
            }
            this.parentURL = url;
        }

        public void visitTag(Tag tag) {
            try {
                this.nodes++;
                if (tag.getTagName().equalsIgnoreCase("a") && tag.getAttribute("href") != null) {
                    this.urls.add(new URL(this.parentURL, tag.getAttribute("href")));
                } else if (tag.getTagName().equalsIgnoreCase("img") && tag.getAttribute("src") != null) {
                    this.urls.add(new URL(this.parentURL, tag.getAttribute("src")));
                }
            } catch (MalformedURLException e) {
            }
        }

        public Vector<URL> getExtractedURLs() {
            return this.urls;
        }

        public void visitStringNode(Text text) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/lukemurphey/nsia/scan/HttpSeekingScanRule$ScanRecord.class */
    public static class ScanRecord {
        private URL url;
        private HttpDefinitionScanResult parentScanResult;
        private int currentLevel;

        public ScanRecord(URL url, HttpDefinitionScanResult httpDefinitionScanResult, int i) {
            this.url = url;
            this.parentScanResult = httpDefinitionScanResult;
            this.currentLevel = i;
        }

        public ScanRecord(URL url) {
            this.url = url;
            this.parentScanResult = null;
            this.currentLevel = 0;
        }

        public URL getURL() {
            return this.url;
        }

        public int getLevel() {
            return this.currentLevel;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/lukemurphey/nsia/scan/HttpSeekingScanRule$ScanRunner.class */
    public class ScanRunner extends Thread {
        private HttpDefinitionScanRule.HttpSignatureScanResultWithParser result;
        private HttpDefinitionScanRule rule;
        private HttpDefinitionScanResult parentScanResult;
        private boolean done = false;
        private int level;

        public ScanRunner(ScanRecord scanRecord, DefinitionSet definitionSet, int i, HttpClient httpClient) {
            this.parentScanResult = null;
            this.level = 0;
            this.rule = new HttpDefinitionScanRule(HttpSeekingScanRule.this.appRes, definitionSet, scanRecord.url, httpClient);
            this.level = i;
            this.rule.setCallback(HttpSeekingScanRule.this.callback);
            if (scanRecord.parentScanResult != null) {
                this.parentScanResult = scanRecord.parentScanResult;
            }
            setName("HTTP Seeking Scan Rule: " + scanRecord.url.toString());
        }

        public int getLevel() {
            return this.level;
        }

        public HttpDefinitionScanRule.HttpSignatureScanResultWithParser getResult() {
            return this.result;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            try {
                this.rule.suppressLoggingToEventLog(true);
                this.rule.scanRuleId = HttpSeekingScanRule.this.scanRuleId;
                this.result = this.rule.doScanAndReturnParser(this.parentScanResult);
            } catch (Exception e) {
                if (getUncaughtExceptionHandler() != null) {
                    getUncaughtExceptionHandler().uncaughtException(this, e);
                }
                HttpSeekingScanRule.this.exceptionThrown = e;
            } catch (IllegalStateException e2) {
                this.result = null;
            } finally {
                this.done = true;
            }
        }

        public void terminate() {
            this.rule.terminate();
        }

        public boolean done() {
            return this.done;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/lukemurphey/nsia/scan/HttpSeekingScanRule$ScanThreadExceptionHandler.class */
    public class ScanThreadExceptionHandler implements Thread.UncaughtExceptionHandler {
        private URL url;

        public ScanThreadExceptionHandler(URL url) {
            this.url = url;
        }

        @Override // java.lang.Thread.UncaughtExceptionHandler
        public void uncaughtException(Thread thread, Throwable th) {
            HttpSeekingScanRule.this.appRes.logExceptionEvent(new EventLogMessage(EventLogMessage.EventType.SCAN_ENGINE_EXCEPTION, new EventLogField(EventLogField.FieldName.RULE_ID, HttpSeekingScanRule.this.scanRuleId), new EventLogField(EventLogField.FieldName.URL, this.url.toString())), th);
        }
    }

    public HttpSeekingScanRule(Application application) {
        super(application);
        this.seedUrls = new Vector<>();
        this.restrictToDomain = null;
        this.scanExternalLinks = false;
        this.scanCountLimit = 1000;
        this.recursionLevels = 10;
        this.resourcesScanned = 0;
        this.terminate = false;
        this.inScan = false;
        this.lastScanResult = null;
        this.exceptionThrown = null;
        this.stopRecursingOn404 = true;
        this.runningThreads = new Vector<>();
        this.maxScanThreads = 10;
        try {
            setMaxScanThreads(application.getApplicationConfiguration().getMaxHTTPScanThreads());
        } catch (SQLException e) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        } catch (InputValidationException e2) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        } catch (NoDatabaseConnectionException e3) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        }
    }

    public HttpSeekingScanRule(Application application, Wildcard wildcard, int i, boolean z) {
        super(application);
        this.seedUrls = new Vector<>();
        this.restrictToDomain = null;
        this.scanExternalLinks = false;
        this.scanCountLimit = 1000;
        this.recursionLevels = 10;
        this.resourcesScanned = 0;
        this.terminate = false;
        this.inScan = false;
        this.lastScanResult = null;
        this.exceptionThrown = null;
        this.stopRecursingOn404 = true;
        this.runningThreads = new Vector<>();
        this.maxScanThreads = 10;
        setDomainRestriction(wildcard);
        setScanFrequency(i);
        try {
            setMaxScanThreads(application.getApplicationConfiguration().getMaxHTTPScanThreads());
        } catch (SQLException e) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        } catch (InputValidationException e2) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        } catch (NoDatabaseConnectionException e3) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        }
    }

    public HttpSeekingScanRule(Application application, Wildcard wildcard, boolean z) {
        super(application);
        this.seedUrls = new Vector<>();
        this.restrictToDomain = null;
        this.scanExternalLinks = false;
        this.scanCountLimit = 1000;
        this.recursionLevels = 10;
        this.resourcesScanned = 0;
        this.terminate = false;
        this.inScan = false;
        this.lastScanResult = null;
        this.exceptionThrown = null;
        this.stopRecursingOn404 = true;
        this.runningThreads = new Vector<>();
        this.maxScanThreads = 10;
        setDomainRestriction(wildcard);
        setScanFrequency(3600);
        try {
            setMaxScanThreads(application.getApplicationConfiguration().getMaxHTTPScanThreads());
        } catch (SQLException e) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        } catch (InputValidationException e2) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        } catch (NoDatabaseConnectionException e3) {
            application.getEventLog().logEvent(new EventLogMessage(EventLogMessage.EventType.INTERNAL_ERROR));
        }
    }

    public void scanExternalLinks(boolean z) {
        this.scanExternalLinks = z;
    }

    public boolean getScansExternalLinks() {
        return this.scanExternalLinks;
    }

    public Wildcard getDomainRestriction() {
        return this.restrictToDomain;
    }

    public void setDomainRestriction(Wildcard wildcard) {
        if (wildcard == null) {
            throw new IllegalArgumentException("The domain restriction wildcard cannot be null");
        }
        this.restrictToDomain = wildcard;
    }

    private Vector<URL> extractUrls(URL url, Parser parser) throws UnsupportedEncodingException {
        Vector<URL> vector = new Vector<>();
        Vector<URL> urlAttrs = getUrlAttrs("a", "href", url, parser, false);
        if (urlAttrs != null) {
            vector.addAll(urlAttrs);
        }
        Vector<URL> urlAttrs2 = getUrlAttrs("img", "src", url, parser, true);
        if (urlAttrs2 != null) {
            vector.addAll(urlAttrs2);
        }
        Vector<URL> urlAttrs3 = getUrlAttrs("applet", "code", url, parser, true);
        if (urlAttrs3 != null) {
            vector.addAll(urlAttrs3);
        }
        Vector<URL> urlAttrs4 = getUrlAttrs("object", "codebase", url, parser, true);
        if (urlAttrs4 != null) {
            vector.addAll(urlAttrs4);
        }
        Vector<URL> urlAttrs5 = getUrlAttrs("link", "href", url, parser, true);
        if (urlAttrs5 != null) {
            vector.addAll(urlAttrs5);
        }
        Vector<URL> urlAttrs6 = getUrlAttrs("script", "src", url, parser, true);
        if (urlAttrs6 != null) {
            vector.addAll(urlAttrs6);
        }
        Vector<URL> urlAttrs7 = getUrlAttrs("iframe", "src", url, parser, true);
        if (urlAttrs7 != null) {
            vector.addAll(urlAttrs7);
        }
        Vector<URL> urlAttrs8 = getUrlAttrs("frame", "src", url, parser, true);
        if (urlAttrs8 != null) {
            vector.addAll(urlAttrs8);
        }
        Vector<URL> urlAttrs9 = getUrlAttrs("embed", "code", url, parser, true);
        if (urlAttrs9 != null) {
            vector.addAll(urlAttrs9);
        }
        return vector;
    }

    private Vector<URL> filterExternalURLs(Vector<URL> vector) {
        Vector<URL> vector2 = new Vector<>();
        if (vector == null) {
            return vector2;
        }
        Iterator<URL> it = vector.iterator();
        while (it.hasNext()) {
            URL next = it.next();
            if (next != null && next.getHost() != null && hostnameIsValid(next.getHost()) && domainMatches(next)) {
                vector2.add(next);
            }
        }
        return vector2;
    }

    private void multiThreadedScan(DefinitionSet definitionSet, int i, Vector<HttpDefinitionScanResult> vector) throws UnsupportedEncodingException {
        Vector vector2 = new Vector();
        Vector vector3 = new Vector();
        HttpClient httpClient = new HttpClient(HttpDefinitionScanRule.getConnectionManager());
        Iterator<URL> it = this.seedUrls.iterator();
        while (it.hasNext()) {
            URL next = it.next();
            vector3.add(URLDecoder.decode(next.toString(), "UTF-8"));
            vector2.add(new ScanRecord(next));
        }
        while (vector.size() + this.runningThreads.size() < this.scanCountLimit && !this.terminate && (this.runningThreads.size() != 0 || vector2.size() != 0)) {
            Iterator<ScanRunner> it2 = this.runningThreads.iterator();
            while (it2.hasNext()) {
                ScanRunner next2 = it2.next();
                if (next2.done()) {
                    it2.remove();
                    HttpDefinitionScanRule.HttpSignatureScanResultWithParser result = next2.getResult();
                    if (!this.terminate && result != null) {
                        vector.add(result.getScanResult());
                        this.resourcesScanned++;
                        if (next2.getLevel() < this.recursionLevels && result.getParser() != null && result.getScanResult() != null) {
                            Vector<URL> extractUrls = (result.getScanResult().getContentType() == null || result.getScanResult().getContentType().contains("html") || result.getScanResult().getContentType().contains("xml")) ? extractUrls(result.getScanResult().getUrl(), result.getParser()) : new Vector<>();
                            extractUrls.addAll(filterExternalURLs(result.getExtractedURLsDomainLimited()));
                            extractUrls.addAll(result.getExtractedURLsDomainUnlimited());
                            Iterator<URL> it3 = extractUrls.iterator();
                            while (it3.hasNext()) {
                                URL next3 = it3.next();
                                if (vector.size() >= this.scanCountLimit) {
                                    break;
                                }
                                String url = next3.toString();
                                boolean z = false;
                                Iterator it4 = vector3.iterator();
                                while (it4.hasNext()) {
                                    if (((String) it4.next()).equalsIgnoreCase(url)) {
                                        z = true;
                                    }
                                }
                                if (!z) {
                                    vector3.add(url);
                                    if (result.getHttpResponseCode() == 404 && this.stopRecursingOn404) {
                                        vector2.add(new ScanRecord(next3, result.getScanResult(), this.recursionLevels));
                                    } else {
                                        vector2.add(new ScanRecord(next3, result.getScanResult(), next2.getLevel() + 1));
                                    }
                                }
                            }
                        }
                    }
                }
            }
            if (this.runningThreads.size() >= i || vector2.size() == 0) {
                try {
                    Thread.sleep(1000L);
                } catch (InterruptedException e) {
                }
            } else if (!this.terminate && vector2.size() > 0) {
                ScanRecord scanRecord = (ScanRecord) vector2.remove(0);
                ScanRunner scanRunner = new ScanRunner(scanRecord, definitionSet, scanRecord.getLevel(), httpClient);
                this.runningThreads.add(scanRunner);
                scanRunner.setUncaughtExceptionHandler(new ScanThreadExceptionHandler(scanRecord.getURL()));
                scanRunner.setPriority(1);
                scanRunner.start();
            }
        }
        while (this.runningThreads.size() > 0) {
            Iterator<ScanRunner> it5 = this.runningThreads.iterator();
            while (it5.hasNext()) {
                ScanRunner next4 = it5.next();
                if (next4.done()) {
                    it5.remove();
                    HttpDefinitionScanRule.HttpSignatureScanResultWithParser result2 = next4.getResult();
                    if (!this.terminate && result2 != null) {
                        vector.add(result2.getScanResult());
                        this.resourcesScanned++;
                    }
                } else {
                    try {
                        Thread.sleep(1000L);
                    } catch (InterruptedException e2) {
                    }
                }
            }
        }
    }

    private Vector<URL> getUrlAttrs(String str, String str2, URL url, Parser parser, boolean z) throws UnsupportedEncodingException {
        try {
            Vector<URL> urlAttrs = getUrlAttrs(parser.extractAllNodesThatMatch(new TagNameFilter(str)), str2, url, z);
            if (parser != null) {
                parser.reset();
            }
            return urlAttrs;
        } catch (ParserException e) {
            if (parser == null) {
                return null;
            }
            parser.reset();
            return null;
        } catch (Throwable th) {
            if (parser != null) {
                parser.reset();
            }
            throw th;
        }
    }

    private boolean domainMatches(URL url) {
        if (this.restrictToDomain.wildcard().contains("?")) {
            return this.restrictToDomain.getPattern().matcher(url.toString()).matches();
        }
        if (Pattern.matches("[0-9a-zA-Z*-.]+", this.restrictToDomain.wildcard())) {
            return this.restrictToDomain.getPattern().matcher(url.getHost()).matches();
        }
        return this.restrictToDomain.getPattern().matcher(url.toString().split("[?]")[0]).matches();
    }

    private Vector<URL> getUrlAttrs(NodeList nodeList, String str, URL url, boolean z) throws UnsupportedEncodingException {
        Vector<URL> vector = new Vector<>();
        for (int i = 0; i < nodeList.size(); i++) {
            String attribute = nodeList.elementAt(i).getAttribute(str);
            if (attribute != null) {
                try {
                    int lastIndexOf = attribute.lastIndexOf("#");
                    if (lastIndexOf >= 0) {
                        attribute = attribute.substring(0, lastIndexOf);
                    }
                    URL url2 = new URL(url, URLDecoder.decode(attribute.trim(), "UTF-8"));
                    if (url2.getHost() != null && hostnameIsValid(url2.getHost()) && (domainMatches(url2) || ((this.scanExternalLinks && domainMatches(url)) || z))) {
                        vector.add(url2);
                    }
                } catch (IllegalArgumentException e) {
                } catch (MalformedURLException e2) {
                }
            }
        }
        return vector;
    }

    private boolean hostnameIsValid(String str) {
        return Pattern.matches("[-.0-9a-zA-Z]+", str);
    }

    @Override // net.lukemurphey.nsia.scan.ScanRule
    public void delete() throws SQLException, NoDatabaseConnectionException {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ScanRule.deleteRule(this.scanRuleId);
        try {
            connection = this.appRes.getDatabaseConnection(Application.DatabaseAccessType.SCANNER);
            preparedStatement = connection.prepareStatement("Delete from HttpDiscoveryRule where ScanRuleID = ?");
            preparedStatement.setLong(1, this.scanRuleId);
            preparedStatement.execute();
            if (connection != null) {
                connection.close();
            }
            if (preparedStatement != null) {
                preparedStatement.close();
            }
        } catch (Throwable th) {
            if (connection != null) {
                connection.close();
            }
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            throw th;
        }
    }

    public void setMaxScanThreads(int i) {
        if (i < 1) {
            throw new IllegalArgumentException("The maximum number of threads cannot be less than one");
        }
        this.maxScanThreads = i;
    }

    public int getMaxScanThreads() {
        return this.maxScanThreads;
    }

    @Override // net.lukemurphey.nsia.scan.ScanRule
    public ScanResult doScan() throws ScanException {
        try {
            this.inScan = true;
            Vector<HttpDefinitionScanResult> vector = new Vector<>();
            try {
                try {
                    try {
                        multiThreadedScan(DefinitionArchive.getArchive().getDefinitionSet(), this.maxScanThreads, vector);
                        ScanResultCode scanResultCode = null;
                        int i = 0;
                        while (true) {
                            if (i >= vector.size()) {
                                break;
                            }
                            if (vector.get(i).getResultCode().getId() == ScanResultCode.SCAN_COMPLETED.getId() || scanResultCode != null) {
                                if (vector.get(i).getResultCode().getId() != ScanResultCode.SCAN_COMPLETED.getId() && scanResultCode != null && scanResultCode.getId() != vector.get(i).getResultCode().getId()) {
                                    scanResultCode = ScanResultCode.SCAN_FAILED;
                                    break;
                                }
                            } else {
                                scanResultCode = vector.get(i).getResultCode();
                            }
                            i++;
                        }
                        if (this.terminate) {
                            scanResultCode = ScanResultCode.SCAN_TERMINATED;
                        } else if (vector.size() == 0) {
                            scanResultCode = ScanResultCode.SCAN_FAILED;
                        }
                        for (int i2 = 0; i2 < vector.size(); i2++) {
                            logSignatureScanResult(vector.get(i2).deviations, vector.get(i2).getUrl());
                        }
                        int i3 = 0;
                        for (int i4 = 0; i4 < vector.size(); i4++) {
                            if (vector.get(i4).deviations > 0) {
                                i3++;
                            }
                        }
                        logScanResult(scanResultCode, i3);
                        this.inScan = false;
                        return scanResultCode != null ? new HttpSeekingScanResult(vector, this.restrictToDomain.wildcard(), this.scanRuleId, scanResultCode, new Timestamp(System.currentTimeMillis())) : new HttpSeekingScanResult(vector, this.restrictToDomain.wildcard(), this.scanRuleId, ScanResultCode.SCAN_COMPLETED, new Timestamp(System.currentTimeMillis()));
                    } catch (UnsupportedEncodingException e) {
                        throw new ScanException("Cannot perform a scan since the encoding required to decode URLs is not-supported by the runtime", e);
                    }
                } catch (SQLException e2) {
                    throw new ScanException("Signature set could not be loaded", e2);
                } catch (InputValidationException e3) {
                    throw new ScanException("Signature set could not be loaded", e3);
                }
            } catch (NoDatabaseConnectionException e4) {
                throw new ScanException("Signature set could not be loaded", e4);
            } catch (DefinitionSetLoadException e5) {
                throw new ScanException("Signature set could not be loaded", e5);
            }
        } finally {
            this.inScan = false;
        }
    }

    private void logSignatureScanResult(int i, URL url) {
        if (i > 0) {
            logScanResult(ScanResultCode.SCAN_COMPLETED, i, RULE_TYPE, url.toString(), String.valueOf(i) + " definitions matched", true, false);
        } else {
            logScanResult(ScanResultCode.SCAN_COMPLETED, 0, RULE_TYPE, url.toString(), "0 definitions matched", true, false);
        }
    }

    private void logScanResult(ScanResultCode scanResultCode, int i) {
        logScanComplete(scanResultCode, i, RULE_TYPE, getSpecimenDescription(), true, false);
    }

    @Override // net.lukemurphey.nsia.scan.ScanRule
    public String getRuleType() {
        return RULE_TYPE;
    }

    @Override // net.lukemurphey.nsia.scan.ScanRule
    public String getSpecimenDescription() {
        return this.restrictToDomain.wildcard();
    }

    @Override // net.lukemurphey.nsia.scan.ScanRule
    public boolean loadFromDatabase(long j) throws NotFoundException, NoDatabaseConnectionException, SQLException, ScanRule.ScanRuleLoadFailureException {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        PreparedStatement preparedStatement2 = null;
        ResultSet resultSet2 = null;
        PreparedStatement preparedStatement3 = null;
        ResultSet resultSet3 = null;
        try {
            connection = this.appRes.getDatabaseConnection(Application.DatabaseAccessType.SCANNER);
            preparedStatement2 = connection.prepareStatement("Select * from ScanRule where ScanRuleID = ?");
            preparedStatement2.setLong(1, j);
            resultSet2 = preparedStatement2.executeQuery();
            if (!resultSet2.next()) {
                if (0 != 0) {
                    preparedStatement.close();
                }
                if (0 != 0) {
                    resultSet.close();
                }
                if (preparedStatement2 != null) {
                    preparedStatement2.close();
                }
                if (resultSet2 != null) {
                    resultSet2.close();
                }
                if (0 != 0) {
                    preparedStatement3.close();
                }
                if (0 != 0) {
                    resultSet3.close();
                }
                if (connection == null) {
                    return false;
                }
                connection.close();
                return false;
            }
            this.scanFrequency = resultSet2.getInt("ScanFrequency");
            this.created = resultSet2.getTimestamp("Created");
            this.modified = resultSet2.getTimestamp("Modified");
            preparedStatement = connection.prepareStatement("Select * from HttpDiscoveryRule where ScanRuleID = ?");
            preparedStatement.setLong(1, j);
            resultSet = preparedStatement.executeQuery();
            if (!resultSet.next()) {
                if (preparedStatement != null) {
                    preparedStatement.close();
                }
                if (resultSet != null) {
                    resultSet.close();
                }
                if (preparedStatement2 != null) {
                    preparedStatement2.close();
                }
                if (resultSet2 != null) {
                    resultSet2.close();
                }
                if (0 != 0) {
                    preparedStatement3.close();
                }
                if (0 != 0) {
                    resultSet3.close();
                }
                if (connection == null) {
                    return false;
                }
                connection.close();
                return false;
            }
            this.recursionLevels = resultSet.getInt("RecursionDepth");
            this.restrictToDomain = new Wildcard(resultSet.getString("Domain"), true);
            this.scanCountLimit = resultSet.getInt("ResourceScanLimit");
            this.scanExternalLinks = resultSet.getBoolean("ScanFirstExternal");
            this.scanRuleId = j;
            preparedStatement3 = connection.prepareStatement("Select * from RuleURL where ScanRuleID = ?");
            preparedStatement3.setLong(1, j);
            resultSet3 = preparedStatement3.executeQuery();
            while (resultSet3.next()) {
                try {
                    addSeedUrl(new URL(resultSet3.getString("URL")));
                } catch (MalformedURLException e) {
                    throw new ScanRule.ScanRuleLoadFailureException("One of the seed URLs is invalid: " + resultSet3.getString("URL"), e);
                }
            }
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (resultSet != null) {
                resultSet.close();
            }
            if (preparedStatement2 != null) {
                preparedStatement2.close();
            }
            if (resultSet2 != null) {
                resultSet2.close();
            }
            if (preparedStatement3 != null) {
                preparedStatement3.close();
            }
            if (resultSet3 != null) {
                resultSet3.close();
            }
            if (connection == null) {
                return true;
            }
            connection.close();
            return true;
        } catch (Throwable th) {
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (resultSet != null) {
                resultSet.close();
            }
            if (preparedStatement2 != null) {
                preparedStatement2.close();
            }
            if (resultSet2 != null) {
                resultSet2.close();
            }
            if (preparedStatement3 != null) {
                preparedStatement3.close();
            }
            if (resultSet3 != null) {
                resultSet3.close();
            }
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private boolean isReady() {
        return this.seedUrls.size() != 0;
    }

    public long saveToDatabase() throws IllegalStateException, SQLException, NoDatabaseConnectionException {
        if (this.scanRuleId == -1) {
            throw new IllegalStateException("Scan rule must not be less than zero");
        }
        return saveToDatabaseEx(this.scanRuleId);
    }

    public long saveNewRuleToDatabase(long j) throws IllegalStateException, SQLException, NoDatabaseConnectionException {
        if (j < 0) {
            throw new IllegalArgumentException("Site group identifer must not be less than zero");
        }
        return saveNewRuleToDatabaseEx(j);
    }

    public void saveToDatabase(long j) throws IllegalStateException, SQLException, NoDatabaseConnectionException {
        if (j < 0) {
            throw new IllegalArgumentException("Scan rule must not be less than zero");
        }
        saveToDatabaseEx(j);
    }

    private synchronized long saveNewRuleToDatabaseEx(long j) throws IllegalStateException, SQLException, NoDatabaseConnectionException {
        if (j < -1) {
            throw new IllegalArgumentException("Site group ID is invalid (must not be less than zero)");
        }
        if (!isReady()) {
            throw new IllegalStateException("HTTP scan class cannot be persisted to database since critical information is missing");
        }
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        PreparedStatement preparedStatement2 = null;
        try {
            connection = this.appRes.getDatabaseConnection(Application.DatabaseAccessType.SCANNER);
            this.scanRuleId = createRule(j, getScanFrequency(), RULE_TYPE, 1);
            preparedStatement = connection.prepareStatement("Insert into HttpDiscoveryRule(RecursionDepth, ResourceScanLimit, Domain, ScanFirstExternal, ScanRuleID) values(?, ?, ?, ?, ?)");
            preparedStatement.setInt(1, this.recursionLevels);
            preparedStatement.setInt(2, this.scanCountLimit);
            preparedStatement.setString(3, this.restrictToDomain.wildcard());
            preparedStatement.setBoolean(4, this.scanExternalLinks);
            preparedStatement.setLong(5, this.scanRuleId);
            preparedStatement.execute();
            Iterator<URL> it = this.seedUrls.iterator();
            while (it.hasNext()) {
                preparedStatement2 = connection.prepareStatement("Insert into RuleURL (ScanRuleID, URL) values (?, ?)");
                preparedStatement2.setLong(1, this.scanRuleId);
                preparedStatement2.setString(2, it.next().toString());
                preparedStatement2.executeUpdate();
            }
            long j2 = this.scanRuleId;
            if (preparedStatement2 != null) {
                preparedStatement2.close();
            }
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (connection != null) {
                connection.close();
            }
            return j2;
        } catch (Throwable th) {
            if (preparedStatement2 != null) {
                preparedStatement2.close();
            }
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private synchronized long saveToDatabaseEx(long j) throws IllegalStateException, SQLException, NoDatabaseConnectionException {
        if (j < 0) {
            throw new IllegalArgumentException("Scan rule ID is invalid (must not be less than zero)");
        }
        if (!isReady()) {
            throw new IllegalStateException("HTTP scan class cannot be persisted to database since critical information is missing");
        }
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        PreparedStatement preparedStatement2 = null;
        PreparedStatement preparedStatement3 = null;
        PreparedStatement preparedStatement4 = null;
        try {
            connection = this.appRes.getDatabaseConnection(Application.DatabaseAccessType.SCANNER);
            preparedStatement = connection.prepareStatement("Update HttpDiscoveryRule set RecursionDepth = ?, ResourceScanLimit = ?, Domain = ?, ScanFirstExternal = ? where ScanRuleID = ?");
            preparedStatement.setInt(1, this.recursionLevels);
            preparedStatement.setInt(2, this.scanCountLimit);
            preparedStatement.setString(3, this.restrictToDomain.wildcard());
            preparedStatement.setBoolean(4, this.scanExternalLinks);
            preparedStatement.setLong(5, j);
            preparedStatement.executeUpdate();
            this.scanRuleId = j;
            preparedStatement3 = connection.prepareStatement("Delete from RuleURL where ScanRuleID = ?");
            preparedStatement3.setLong(1, j);
            preparedStatement3.executeUpdate();
            Iterator<URL> it = this.seedUrls.iterator();
            while (it.hasNext()) {
                preparedStatement4 = connection.prepareStatement("Insert into RuleURL (ScanRuleID, URL) values (?, ?)");
                preparedStatement4.setLong(1, j);
                preparedStatement4.setString(2, it.next().toString());
                preparedStatement4.executeUpdate();
            }
            preparedStatement2 = connection.prepareStatement("Update ScanRule set ScanFrequency = ?, ScanDataObsolete = ?, Modified = ? where ScanRuleID = ?");
            preparedStatement2.setInt(1, getScanFrequency());
            preparedStatement2.setBoolean(2, true);
            preparedStatement2.setTimestamp(3, new Timestamp(new Date().getTime()));
            preparedStatement2.setLong(4, j);
            preparedStatement2.executeUpdate();
            long j2 = this.scanRuleId;
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (preparedStatement4 != null) {
                preparedStatement4.close();
            }
            if (preparedStatement2 != null) {
                preparedStatement2.close();
            }
            if (preparedStatement3 != null) {
                preparedStatement3.close();
            }
            if (connection != null) {
                connection.close();
            }
            return j2;
        } catch (Throwable th) {
            if (preparedStatement != null) {
                preparedStatement.close();
            }
            if (preparedStatement4 != null) {
                preparedStatement4.close();
            }
            if (preparedStatement2 != null) {
                preparedStatement2.close();
            }
            if (preparedStatement3 != null) {
                preparedStatement3.close();
            }
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    @Override // net.lukemurphey.nsia.scan.ScanRule
    public ScanResult loadScanResult(long j) throws NotFoundException, NoDatabaseConnectionException, SQLException, ScanRule.ScanResultLoadFailureException {
        Connection connection = null;
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            Connection databaseConnection = this.appRes.getDatabaseConnection(Application.DatabaseAccessType.SCANNER);
            if (databaseConnection == null) {
                throw new NoDatabaseConnectionException();
            }
            PreparedStatement prepareStatement = databaseConnection.prepareStatement("Select * from ScanResult where ScanResultID = ?");
            prepareStatement.setLong(1, j);
            ResultSet executeQuery = prepareStatement.executeQuery();
            if (!executeQuery.next()) {
                if (databaseConnection != null) {
                    databaseConnection.close();
                }
                if (executeQuery != null) {
                    executeQuery.close();
                }
                if (prepareStatement == null) {
                    return null;
                }
                prepareStatement.close();
                return null;
            }
            ScanResultCode scanResultCodeById = ScanResultCode.getScanResultCodeById(executeQuery.getInt("ScanResultCode"));
            if (scanResultCodeById == null) {
                if (databaseConnection != null) {
                    databaseConnection.close();
                }
                if (executeQuery != null) {
                    executeQuery.close();
                }
                if (prepareStatement == null) {
                    return null;
                }
                prepareStatement.close();
                return null;
            }
            HttpSeekingScanResult loadFromDatabase = HttpSeekingScanResult.loadFromDatabase(executeQuery.getLong("ScanRuleID"), j, scanResultCodeById, executeQuery.getTimestamp("ScanDate"), executeQuery.getInt("Deviations"), executeQuery.getInt("Incompletes"), executeQuery.getInt("Accepts"));
            if (databaseConnection != null) {
                databaseConnection.close();
            }
            if (executeQuery != null) {
                executeQuery.close();
            }
            if (prepareStatement != null) {
                prepareStatement.close();
            }
            return loadFromDatabase;
        } catch (Throwable th) {
            if (0 != 0) {
                connection.close();
            }
            if (0 != 0) {
                resultSet.close();
            }
            if (0 != 0) {
                preparedStatement.close();
            }
            throw th;
        }
    }

    public final void setScanCountLimit(int i) {
        if (i > SCAN_LIMIT) {
            throw new IllegalArgumentException("The resource limit cannot exceed 50000");
        }
        this.scanCountLimit = i;
    }

    public int resourcesScanned() {
        return this.resourcesScanned;
    }

    public final int getScanCountLimit() {
        return this.scanCountLimit;
    }

    public final void setRecursionDepth(int i) {
        if (i > DEPTH_LIMIT) {
            throw new IllegalArgumentException("The depth limit cannot exceed 100");
        }
        this.recursionLevels = i;
    }

    public final int getRecursionDepth() {
        return this.recursionLevels;
    }

    public final void addSeedUrl(URL url) {
        if (url == null) {
            throw new IllegalArgumentException("A URL to be added to the list cannot be null");
        }
        this.seedUrls.add(url);
    }

    public URL[] getSeedUrlsNotInDomain() {
        Iterator<URL> it = this.seedUrls.iterator();
        Vector vector = new Vector();
        while (it.hasNext()) {
            URL next = it.next();
            if (!this.restrictToDomain.getPattern().matcher(next.toExternalForm()).matches()) {
                vector.add(next);
            }
        }
        URL[] urlArr = new URL[vector.size()];
        vector.toArray(urlArr);
        return urlArr;
    }

    public URL[] getSeedUrls() {
        URL[] urlArr = new URL[this.seedUrls.size()];
        this.seedUrls.toArray(urlArr);
        return urlArr;
    }

    public void clearSeedUrls() {
        this.seedUrls.clear();
    }

    public final void setSeedUrls(URL[] urlArr) {
        this.seedUrls.clear();
        addSeedUrls(urlArr);
    }

    public synchronized boolean baseline() throws RuleBaselineException, SQLException {
        Connection connection = null;
        try {
            try {
                try {
                    try {
                        if (this.scanRuleId < 0) {
                            if (0 == 0) {
                                return false;
                            }
                            connection.close();
                            return false;
                        }
                        connection = this.appRes.getDatabaseConnection(Application.DatabaseAccessType.SCANNER);
                        HttpSeekingScanResult httpSeekingScanResult = (HttpSeekingScanResult) ScanResultLoader.getLastScanResult(this.scanRuleId);
                        if (httpSeekingScanResult == null) {
                            if (connection == null) {
                                return false;
                            }
                            connection.close();
                            return false;
                        }
                        HttpDefinitionScanResult[] findings = httpSeekingScanResult.getFindings();
                        DefinitionPolicySet policySetForSiteGroup = DefinitionPolicySet.getPolicySetForSiteGroup(connection, this.scanRuleId);
                        DefinitionSet definitionSet = DefinitionArchive.getArchive().getDefinitionSet();
                        for (HttpDefinitionScanResult httpDefinitionScanResult : findings) {
                            for (DefinitionMatch definitionMatch : httpDefinitionScanResult.getDefinitionMatches()) {
                                boolean z = true;
                                ScriptDefinition scriptDefinition = getScriptDefinition(definitionMatch.getDefinitionName(), definitionMatch.getDefinitionID(), definitionSet);
                                if (scriptDefinition != null) {
                                    httpDefinitionScanResult.ruleId = this.scanRuleId;
                                    z = !scriptDefinition.baseline(httpDefinitionScanResult);
                                }
                                if (z) {
                                    String[] parseName = Definition.parseName(definitionMatch.getDefinitionName());
                                    if (!policySetForSiteGroup.isFiltered(this.scanRuleId, parseName[2], parseName[0], parseName[1], httpDefinitionScanResult.getUrl())) {
                                        DefinitionPolicyDescriptor.createDefinitionPolicy((int) this.scanRuleId, definitionMatch, httpDefinitionScanResult.getUrl(), DefinitionPolicyDescriptor.DefinitionPolicyAction.EXCLUDE).saveToDatabase(connection);
                                    }
                                }
                            }
                        }
                        ScanRule.setScanDataObsolete(this.scanRuleId);
                        if (connection == null) {
                            return true;
                        }
                        connection.close();
                        return true;
                    } catch (NoDatabaseConnectionException e) {
                        throw new RuleBaselineException("SQL Exception throw while baselining the rule", e);
                    } catch (DefinitionEvaluationException e2) {
                        throw new RuleBaselineException(e2);
                    }
                } catch (InputValidationException e3) {
                    throw new RuleBaselineException(e3);
                } catch (InvalidDefinitionException e4) {
                    throw new RuleBaselineException("Script could not be baselined (script is invalid)", e4);
                }
            } catch (DefinitionSetLoadException e5) {
                throw new RuleBaselineException(e5);
            } catch (ScanRule.ScanResultLoadFailureException e6) {
                if (connection == null) {
                    return false;
                }
                connection.close();
                return false;
            }
        } catch (Throwable th) {
            if (connection != null) {
                connection.close();
            }
            throw th;
        }
    }

    private ScriptDefinition getScriptDefinition(String str, int i, DefinitionSet definitionSet) {
        Definition definition;
        try {
            definition = definitionSet.getDefinitionByLocalID(i);
        } catch (NotFoundException e) {
            try {
                definition = definitionSet.getDefinition(str);
            } catch (NotFoundException e2) {
                return null;
            }
        }
        if (definition == null || !(definition instanceof ScriptDefinition)) {
            return null;
        }
        return (ScriptDefinition) definition;
    }

    public final void addSeedUrls(URL[] urlArr) {
        if (urlArr == null) {
            throw new IllegalArgumentException("A URL to be added to the list cannot be null");
        }
        for (URL url : urlArr) {
            this.seedUrls.add(url);
        }
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public boolean canPause() {
        return false;
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public int getProgress() {
        if (getStatus() == WorkerThread.State.STOPPED) {
            return 0;
        }
        return (this.resourcesScanned * DEPTH_LIMIT) / this.scanCountLimit;
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public WorkerThread.State getStatus() {
        return (!this.inScan || this.terminate) ? (this.inScan && this.terminate) ? WorkerThread.State.STOPPING : !this.inScan ? WorkerThread.State.STOPPED : WorkerThread.State.STOPPED : WorkerThread.State.STARTED;
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public String getStatusDescription() {
        WorkerThread.State status = getStatus();
        if (status == WorkerThread.State.STARTED) {
            return this.currentlyScanning == null ? "Scan " + getProgress() + "% complete" : "Scan " + getProgress() + "% complete. Currently scanning: " + this.currentlyScanning;
        }
        if (status == WorkerThread.State.STOPPED) {
            return "Not Scanning";
        }
        if (status == WorkerThread.State.STOPPING) {
            return "Scanner terminating";
        }
        return null;
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public String getTaskDescription() {
        return "Website scanner";
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public void pause() {
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public boolean reportsProgress() {
        return true;
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public void terminate() {
        this.terminate = true;
        CopyOnWriteArrayList copyOnWriteArrayList = new CopyOnWriteArrayList(this.runningThreads);
        if (copyOnWriteArrayList.size() > 0) {
            Iterator it = copyOnWriteArrayList.iterator();
            while (it.hasNext()) {
                ((ScanRunner) it.next()).terminate();
            }
        }
    }

    public HttpSeekingScanResult getResult() {
        return this.lastScanResult;
    }

    @Override // java.lang.Runnable
    public void run() {
        try {
            this.lastScanResult = (HttpSeekingScanResult) doScan();
        } catch (ScanException e) {
            this.exceptionThrown = e;
            this.lastScanResult = null;
        }
    }

    @Override // net.lukemurphey.nsia.WorkerThread
    public Throwable getException() {
        return this.exceptionThrown;
    }
}
