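package at.gv.egovernment.moa.spss.util;

import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Iterator;
import java.util.List;

import at.gv.egovernment.moa.spss.MOAApplicationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;

/**
 * Decides whether a host (and optionally a port) referenced by an external URI
 * may be contacted, based on the black- and whitelist held by
 * {@link ConfigurationProvider}.
 *
 * <p>Points a reviewer or operator should keep in mind, all following from the
 * code below:
 * <ul>
 * <li>List entries are matched as a <em>textual prefix</em> of the resolved IP
 * address ({@code String.startsWith}). An entry such as {@code 10.1} therefore
 * also matches {@code 10.10.0.1} and {@code 10.100.0.1}. Entries should end on
 * an octet boundary (for example with a trailing dot) unless the broader match
 * is intended; for the whitelist a too-short prefix silently widens what is
 * allowed.</li>
 * <li>Only the single address returned by {@link InetAddress#getByName(String)}
 * is checked. A name that resolves to several addresses is judged by that one
 * address only.</li>
 * <li>The name is resolved here, at check time. Whether the component that
 * later opens the connection reuses this address is not visible in this class;
 * if it resolves the name again, the address actually contacted can differ
 * from the one that was verified. NOTE(review): confirm how callers connect and
 * consider connecting to the verified address.</li>
 * <li>A {@code port} of {@code -1} switches every comparison to host-only, so a
 * whitelist entry restricted to a port also admits a request whose port was not
 * specified. Callers should pass the effective port where they know it.</li>
 * </ul>
 */
public class ExternalURIVerifier {

  /**
   * Verifies that {@code host}/{@code port} is permitted by the configuration.
   *
   * <p>If external URIs are allowed, only the blacklist is consulted and the
   * first matching entry rejects the request. If external URIs are not allowed,
   * only the whitelist is consulted and at least one entry has to match.
   *
   * @param host host name or address literal; {@code null} or the empty string
   *        is accepted without any check
   * @param port port to check, or {@code -1} to compare the host only
   * @throws MOAApplicationException with message id {@code 4002} if the target
   *         is blacklisted, {@code 4001} if it is not whitelisted, {@code 4003}
   *         if the host cannot be resolved, and {@code config.10} if the
   *         configuration cannot be obtained
   * @throws NumberFormatException if a list entry carries a non-numeric port;
   *         this is not caught here
   */
  public static void verify(String host, int port) throws MOAApplicationException {
    // No host to check: nothing is resolved and the call is accepted.
    if (host == null || host.isEmpty()) {
      return;
    }

    try {
      final ConfigurationProvider config = ConfigurationProvider.getInstance();
      final boolean allowExternalUris = config.getAllowExternalUris();
      final List<?> blacklist = config.getBlackListedUris();
      final List<?> whitelist = config.getWhiteListedUris();

      // All list comparisons run against the textual form of the resolved
      // address, never against the name the caller supplied.
      final InetAddress hostInetAddress = InetAddress.getByName(host);
      final String ip = hostInetAddress.getHostAddress();

      if (allowExternalUris) {
        // External URIs are allowed: reject on the first blacklist match.
        for (final Object rawEntry : blacklist) {
          // Each entry is a String[] of { address prefix, port or null }.
          final String[] entry = (String[]) rawEntry;
          final String entryPrefix = entry[0];
          final String entryPort = entry[1];

          if (entryPort == null || port == -1) {
            // Host-only comparison.
            if (ip.startsWith(entryPrefix)) {
              Logger.debug(new LogMsg("Blacklist check: " + host + " (" + ip + ") blacklisted"));
              throw new MOAApplicationException("4002", new Object[] { host + "(" + ip + ")" });
            }
          } else {
            // Host and port comparison. The port is parsed before the prefix
            // test, so a malformed entry fails regardless of the address.
            final int configuredPort = Integer.parseInt(entryPort);
            if (ip.startsWith(entryPrefix) && configuredPort == port) {
              Logger.debug(new LogMsg("Blacklist check: " + host + ":" + port + " (" + ip + ":"
                  + port + ") blacklisted"));
              throw new MOAApplicationException("4002",
                  new Object[] { host + ":" + port + " (" + ip + ":" + port + ")" });
            }
          }
        }
      } else {
        // External URIs are forbidden: at least one whitelist entry must match.
        boolean allowed = false;
        for (final Object rawEntry : whitelist) {
          final String[] entry = (String[]) rawEntry;
          final String entryPrefix = entry[0];
          final String entryPort = entry[1];

          if (entryPort == null || port == -1) {
            // Host-only comparison.
            if (ip.startsWith(entryPrefix)) {
              Logger.debug(new LogMsg("Whitelist check: " + host + " (" + ip + ") whitelisted"));
              allowed = true;
            }
          } else {
            // Host and port comparison.
            final int configuredPort = Integer.parseInt(entryPort);
            if (ip.startsWith(entryPrefix) && configuredPort == port) {
              Logger.debug(new LogMsg("Whitelist check: " + host + ":" + port + " (" + ip + ":"
                  + port + ") whitelisted"));
              allowed = true;
            }
          }
        }

        if (!allowed) {
          // -1 means no port was supplied, so the rejection names the host
          // only; otherwise it names host and port.
          if (port == -1) {
            Logger.debug(new LogMsg("No external URIs allowed (" + host + ")"));
            throw new MOAApplicationException("4001", new Object[] { host + "(" + ip + ")" });
          } else {
            Logger.debug(new LogMsg("No external URIs allowed (" + host + ":" + port + ")"));
            throw new MOAApplicationException("4001",
                new Object[] { host + ":" + port + " (" + ip + ":" + port + ")" });
          }
        }
      }

      Logger.debug(new LogMsg("URI allowed: " + ip + ":" + port));
    } catch (final ConfigurationException e) {
      // NOTE(review): the ConfigurationException is not attached as a cause, so
      // its detail is lost to the caller. If MOAApplicationException offers a
      // constructor that accepts a Throwable, pass e along - confirm.
      throw new MOAApplicationException("config.10", null);
    } catch (final UnknownHostException e) {
      // An unresolvable host is rejected rather than waved through.
      throw new MOAApplicationException("4003", new Object[] { host });
    }
  }
}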