package org.apache.logging.log4j.core.lookup;

import javax.naming.NamingException;
import javax.naming.Reference;
import javax.naming.Referenceable;
import javax.naming.StringRefAddr;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.message.SimpleMessage;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.zapodot.junit.ldap.EmbeddedLdapRule;
import org.zapodot.junit.ldap.EmbeddedLdapRuleBuilder;

/* loaded from: input_file:org/apache/logging/log4j/core/lookup/JndiRestrictedLookupTest.class */
public class JndiRestrictedLookupTest {
    private static final String LDAP_URL = "ldap://127.0.0.1:";
    private static final String LDAP_BADV6_URL = "ldap://[2001:db8:1f70::999:de8:7648:6e8]@127.0.0.1:";
    private static final String LDAP_V6_URL = "ldap://[2001:db8:1f70::999:de8:7648:6e8]:";
    private static final String RESOURCE = "JndiExploit";
    private static final String TEST_STRING = "TestString";
    private static final String TEST_MESSAGE = "TestMessage";
    private static final String LEVEL = "TestLevel";
    private static final String DOMAIN_DSN = "dc=apache,dc=org";
    private static final String DOMAIN = "apache.org";

    @Rule
    public EmbeddedLdapRule embeddedLdapRule = EmbeddedLdapRuleBuilder.newInstance().usingDomainDsn(DOMAIN_DSN).importingLdifs(new String[]{"JndiRestrictedLookup.ldif"}).build();

    /* loaded from: input_file:org/apache/logging/log4j/core/lookup/JndiRestrictedLookupTest$Fruit.class */
    class Fruit implements Referenceable {
        String fruit;

        public Fruit(String str) {
            this.fruit = str;
        }

        public Reference getReference() throws NamingException {
            return new Reference(Fruit.class.getName(), new StringRefAddr("fruit", this.fruit), JndiExploit.class.getName(), (String) null);
        }

        public String toString() {
            return this.fruit;
        }
    }

    @BeforeClass
    public static void beforeClass() {
        System.setProperty("log4j2.allowedLdapClasses", Level.class.getName());
        System.setProperty("log4j2.allowedJndiProtocols", "dns");
        System.setProperty("log4j2.enableJndi", "true");
    }

    @Test
    public void testBadUriLookup() throws Exception {
        int embeddedServerPort = this.embeddedLdapRule.embeddedServerPort();
        this.embeddedLdapRule.context().bind("cn=JndiExploit,dc=apache,dc=org", new Fruit("Test Message"));
        if (new JndiLookup().lookup(LDAP_URL + embeddedServerPort + "/cn=" + RESOURCE + "," + DOMAIN_DSN + "?Type=A Type&Name=1100110&Char=!") != null) {
            Assert.fail("Lookup returned an object");
        }
    }

    @Test
    public void testBadV6Lookup() throws Exception {
        int embeddedServerPort = this.embeddedLdapRule.embeddedServerPort();
        this.embeddedLdapRule.context().bind("cn=JndiExploit,dc=apache,dc=org", new Fruit("Test Message"));
        if (new JndiLookup().lookup(LDAP_BADV6_URL + embeddedServerPort + "/cn=" + RESOURCE + "," + DOMAIN_DSN) != null) {
            Assert.fail("Lookup returned an object");
        }
    }

    @Test
    public void testV6Lookup() throws Exception {
        int embeddedServerPort = this.embeddedLdapRule.embeddedServerPort();
        this.embeddedLdapRule.context().bind("cn=JndiExploit,dc=apache,dc=org", new Fruit("Test Message"));
        if (new JndiLookup().lookup(LDAP_V6_URL + embeddedServerPort + "/cn=" + RESOURCE + "," + DOMAIN_DSN) != null) {
            Assert.fail("Lookup returned an object");
        }
    }

    @Test
    public void testReferenceLookup() throws Exception {
        int embeddedServerPort = this.embeddedLdapRule.embeddedServerPort();
        this.embeddedLdapRule.context().bind("cn=JndiExploit,dc=apache,dc=org", new Fruit("Test Message"));
        if (new JndiLookup().lookup(LDAP_URL + embeddedServerPort + "/cn=" + RESOURCE + "," + DOMAIN_DSN) != null) {
            Assert.fail("Lookup returned an object");
        }
    }

    @Test
    public void testSerializableLookup() throws Exception {
        int embeddedServerPort = this.embeddedLdapRule.embeddedServerPort();
        this.embeddedLdapRule.context().bind("cn=TestString,dc=apache,dc=org", "Test Message");
        String lookup = new JndiLookup().lookup(LDAP_URL + embeddedServerPort + "/cn=" + TEST_STRING + "," + DOMAIN_DSN);
        if (lookup == null) {
            Assert.fail("Lookup failed to return the test string");
        }
        Assert.assertEquals("Incorrect message returned", "Test Message", lookup);
    }

    @Test
    public void testBadSerializableLookup() throws Exception {
        int embeddedServerPort = this.embeddedLdapRule.embeddedServerPort();
        this.embeddedLdapRule.context().bind("cn=TestMessage,dc=apache,dc=org", new SimpleMessage("Test Message"));
        if (new JndiLookup().lookup(LDAP_URL + embeddedServerPort + "/cn=" + TEST_MESSAGE + "," + DOMAIN_DSN) != null) {
            Assert.fail("Lookup returned an object");
        }
    }

    @Test
    public void testSpecialSerializableLookup() throws Exception {
        int embeddedServerPort = this.embeddedLdapRule.embeddedServerPort();
        this.embeddedLdapRule.context().bind("cn=TestLevel,dc=apache,dc=org", Level.ERROR);
        String lookup = new JndiLookup().lookup(LDAP_URL + embeddedServerPort + "/cn=" + LEVEL + "," + DOMAIN_DSN);
        if (lookup == null) {
            Assert.fail("Lookup failed to return the level");
        }
        Assert.assertEquals("Incorrect level returned", Level.ERROR.toString(), lookup);
    }

    @Test
    public void testDnsLookup() throws Exception {
        if (new JndiLookup().lookup("dns:/apache.org") == null) {
            Assert.fail("No DNS data returned");
        }
    }

    @Test
    public void testNisLookup() throws Exception {
        if (new JndiLookup().lookup("nis:/apache.org") != null) {
            Assert.fail("NIS information should not have been returned");
        }
    }
}
