package com.wireguard.android.backend;

import android.content.Context;
import android.content.Intent;
import android.net.VpnService;
import android.os.Build;
import android.os.ParcelFileDescriptor;
import android.system.OsConstants;
import android.util.Log;
import androidx.collection.ArraySet;
import com.wireguard.android.backend.BackendException;
import com.wireguard.android.backend.Tunnel;
import com.wireguard.android.util.SharedLibraryLoader;
import com.wireguard.config.Config;
import com.wireguard.config.InetEndpoint;
import com.wireguard.config.InetNetwork;
import com.wireguard.config.Peer;
import com.wireguard.crypto.Key;
import com.wireguard.crypto.KeyFormatException;
import com.wireguard.util.NonNullForAll;
import java.net.InetAddress;
import java.util.Collections;
import java.util.Iterator;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.FutureTask;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

@NonNullForAll
/* loaded from: classes2.dex */
public final class GoBackend implements Backend {
    private static final int DNS_RESOLUTION_RETRIES = 10;
    private static final String TAG = "WireGuard/GoBackend";
    private static AlwaysOnCallback alwaysOnCallback;
    private static GhettoCompletableFuture<VpnService> vpnService = new GhettoCompletableFuture<>();
    private final Context context;
    private Config currentConfig;
    private Tunnel currentTunnel;
    private int currentTunnelHandle = -1;

    /* loaded from: classes2.dex */
    public interface AlwaysOnCallback {
        void alwaysOnTriggered();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class GhettoCompletableFuture<V> {
        private final LinkedBlockingQueue<V> completion;
        private final FutureTask<V> result;

        private GhettoCompletableFuture() {
            final LinkedBlockingQueue<V> linkedBlockingQueue = new LinkedBlockingQueue<>(1);
            this.completion = linkedBlockingQueue;
            Objects.requireNonNull(linkedBlockingQueue);
            this.result = new FutureTask<>(new Callable() { // from class: com.wireguard.android.backend.GoBackend$GhettoCompletableFuture$$ExternalSyntheticLambda0
                @Override // java.util.concurrent.Callable
                public final Object call() {
                    Object peek;
                    peek = linkedBlockingQueue.peek();
                    return peek;
                }
            });
        }

        public boolean complete(V v) {
            boolean offer = this.completion.offer(v);
            if (offer) {
                this.result.run();
            }
            return offer;
        }

        public V get() throws ExecutionException, InterruptedException {
            return this.result.get();
        }

        public V get(long j, TimeUnit timeUnit) throws ExecutionException, InterruptedException, TimeoutException {
            return this.result.get(j, timeUnit);
        }

        public boolean isDone() {
            return !this.completion.isEmpty();
        }

        public GhettoCompletableFuture<V> newIncompleteFuture() {
            return new GhettoCompletableFuture<>();
        }
    }

    /* loaded from: classes2.dex */
    public static class VpnService extends android.net.VpnService {
        private GoBackend owner;

        public VpnService.Builder getBuilder() {
            return new VpnService.Builder(this);
        }

        @Override // android.app.Service
        public void onCreate() {
            GoBackend.vpnService.complete(this);
            super.onCreate();
        }

        @Override // android.app.Service
        public void onDestroy() {
            Tunnel tunnel;
            GoBackend goBackend = this.owner;
            if (goBackend != null && (tunnel = goBackend.currentTunnel) != null) {
                if (this.owner.currentTunnelHandle != -1) {
                    GoBackend.wgTurnOff(this.owner.currentTunnelHandle);
                }
                this.owner.currentTunnel = null;
                this.owner.currentTunnelHandle = -1;
                this.owner.currentConfig = null;
                tunnel.onStateChange(Tunnel.State.DOWN);
            }
            GoBackend.vpnService = GoBackend.vpnService.newIncompleteFuture();
            super.onDestroy();
        }

        @Override // android.app.Service
        public int onStartCommand(Intent intent, int i, int i2) {
            GoBackend.vpnService.complete(this);
            if (intent == null || intent.getComponent() == null || !intent.getComponent().getPackageName().equals(getPackageName())) {
                Log.d(GoBackend.TAG, "Service started by Always-on VPN feature");
                if (GoBackend.alwaysOnCallback != null) {
                    GoBackend.alwaysOnCallback.alwaysOnTriggered();
                }
            }
            return super.onStartCommand(intent, i, i2);
        }

        public void setOwner(GoBackend goBackend) {
            this.owner = goBackend;
        }
    }

    public GoBackend(Context context) {
        SharedLibraryLoader.loadSharedLibrary(context, "wg-go");
        this.context = context;
    }

    public static void setAlwaysOnCallback(AlwaysOnCallback alwaysOnCallback2) {
        alwaysOnCallback = alwaysOnCallback2;
    }

    private void setStateInternal(Tunnel tunnel, Config config, Tunnel.State state) throws Exception {
        Log.i(TAG, "Bringing tunnel " + tunnel.getName() + ' ' + state);
        if (state != Tunnel.State.UP) {
            int i = this.currentTunnelHandle;
            if (i == -1) {
                Log.w(TAG, "Tunnel already down");
                return;
            }
            this.currentTunnel = null;
            this.currentTunnelHandle = -1;
            this.currentConfig = null;
            wgTurnOff(i);
            try {
                vpnService.get(0L, TimeUnit.NANOSECONDS).stopSelf();
            } catch (TimeoutException unused) {
            }
        } else {
            if (config == null) {
                throw new BackendException(BackendException.Reason.TUNNEL_MISSING_CONFIG, new Object[0]);
            }
            if (VpnService.prepare(this.context) != null) {
                throw new BackendException(BackendException.Reason.VPN_NOT_AUTHORIZED, new Object[0]);
            }
            if (!vpnService.isDone()) {
                Log.d(TAG, "Requesting to start VpnService");
                this.context.startService(new Intent(this.context, (Class<?>) VpnService.class));
            }
            try {
                VpnService vpnService2 = vpnService.get(2L, TimeUnit.SECONDS);
                vpnService2.setOwner(this);
                if (this.currentTunnelHandle != -1) {
                    Log.w(TAG, "Tunnel already up");
                    return;
                }
                loop0: for (int i2 = 0; i2 < 10; i2++) {
                    Iterator<Peer> it = config.getPeers().iterator();
                    while (it.hasNext()) {
                        InetEndpoint orElse = it.next().getEndpoint().orElse(null);
                        if (orElse != null && orElse.getResolved().orElse(null) == null) {
                            if (i2 >= 9) {
                                throw new BackendException(BackendException.Reason.DNS_RESOLUTION_FAILURE, orElse.getHost());
                            }
                            Log.w(TAG, "DNS host \"" + orElse.getHost() + "\" failed to resolve; trying again");
                            Thread.sleep(1000L);
                        }
                    }
                }
                String wgUserspaceString = config.toWgUserspaceString();
                VpnService.Builder builder = vpnService2.getBuilder();
                builder.setSession(tunnel.getName());
                Iterator<String> it2 = config.getInterface().getExcludedApplications().iterator();
                while (it2.hasNext()) {
                    builder.addDisallowedApplication(it2.next());
                }
                Iterator<String> it3 = config.getInterface().getIncludedApplications().iterator();
                while (it3.hasNext()) {
                    builder.addAllowedApplication(it3.next());
                }
                for (InetNetwork inetNetwork : config.getInterface().getAddresses()) {
                    builder.addAddress(inetNetwork.getAddress(), inetNetwork.getMask());
                }
                Iterator<InetAddress> it4 = config.getInterface().getDnsServers().iterator();
                while (it4.hasNext()) {
                    builder.addDnsServer(it4.next().getHostAddress());
                }
                Iterator<String> it5 = config.getInterface().getDnsSearchDomains().iterator();
                while (it5.hasNext()) {
                    builder.addSearchDomain(it5.next());
                }
                Iterator<Peer> it6 = config.getPeers().iterator();
                boolean z = false;
                while (it6.hasNext()) {
                    for (InetNetwork inetNetwork2 : it6.next().getAllowedIps()) {
                        if (inetNetwork2.getMask() == 0) {
                            z = true;
                        }
                        builder.addRoute(inetNetwork2.getAddress(), inetNetwork2.getMask());
                    }
                }
                if (!z || config.getPeers().size() != 1) {
                    builder.allowFamily(OsConstants.AF_INET);
                    builder.allowFamily(OsConstants.AF_INET6);
                }
                builder.setMtu(config.getInterface().getMtu().orElse(1280).intValue());
                if (Build.VERSION.SDK_INT >= 29) {
                    builder.setMetered(false);
                }
                vpnService2.setUnderlyingNetworks(null);
                builder.setBlocking(true);
                ParcelFileDescriptor establish = builder.establish();
                try {
                    if (establish == null) {
                        throw new BackendException(BackendException.Reason.TUN_CREATION_ERROR, new Object[0]);
                    }
                    Log.d(TAG, "Go backend " + wgVersion());
                    this.currentTunnelHandle = wgTurnOn(tunnel.getName(), establish.detachFd(), wgUserspaceString);
                    if (establish != null) {
                        establish.close();
                    }
                    int i3 = this.currentTunnelHandle;
                    if (i3 < 0) {
                        throw new BackendException(BackendException.Reason.GO_ACTIVATION_ERROR_CODE, Integer.valueOf(this.currentTunnelHandle));
                    }
                    this.currentTunnel = tunnel;
                    this.currentConfig = config;
                    vpnService2.protect(wgGetSocketV4(i3));
                    vpnService2.protect(wgGetSocketV6(this.currentTunnelHandle));
                } catch (Throwable th) {
                    if (establish != null) {
                        try {
                            establish.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (TimeoutException e) {
                BackendException backendException = new BackendException(BackendException.Reason.UNABLE_TO_START_VPN, new Object[0]);
                backendException.initCause(e);
                throw backendException;
            }
        }
        tunnel.onStateChange(state);
    }

    private static native String wgGetConfig(int i);

    private static native int wgGetSocketV4(int i);

    private static native int wgGetSocketV6(int i);

    /* JADX INFO: Access modifiers changed from: private */
    public static native void wgTurnOff(int i);

    private static native int wgTurnOn(String str, int i, String str2);

    private static native String wgVersion();

    @Override // com.wireguard.android.backend.Backend
    public Set<String> getRunningTunnelNames() {
        if (this.currentTunnel == null) {
            return Collections.emptySet();
        }
        ArraySet arraySet = new ArraySet();
        arraySet.add(this.currentTunnel.getName());
        return arraySet;
    }

    @Override // com.wireguard.android.backend.Backend
    public Tunnel.State getState(Tunnel tunnel) {
        return this.currentTunnel == tunnel ? Tunnel.State.UP : Tunnel.State.DOWN;
    }

    @Override // com.wireguard.android.backend.Backend
    public Statistics getStatistics(Tunnel tunnel) {
        int i;
        String wgGetConfig;
        long parseLong;
        Statistics statistics = new Statistics();
        if (tunnel != this.currentTunnel || (i = this.currentTunnelHandle) == -1 || (wgGetConfig = wgGetConfig(i)) == null) {
            return statistics;
        }
        Key key = null;
        long j = 0;
        long j2 = 0;
        long j3 = 0;
        for (String str : wgGetConfig.split("\\n")) {
            if (str.startsWith("public_key=")) {
                if (key != null) {
                    statistics.add(key, j, j2, j3);
                }
                try {
                    key = Key.fromHex(str.substring(11));
                } catch (KeyFormatException unused) {
                    key = null;
                }
                j = 0;
                j2 = 0;
            } else {
                if (str.startsWith("rx_bytes=")) {
                    if (key != null) {
                        try {
                            j = Long.parseLong(str.substring(9));
                        } catch (NumberFormatException unused2) {
                            j = 0;
                        }
                    }
                } else if (!str.startsWith("tx_bytes=")) {
                    if (str.startsWith("last_handshake_time_sec=")) {
                        if (key != null) {
                            try {
                                parseLong = Long.parseLong(str.substring(24)) * 1000;
                            } catch (NumberFormatException unused3) {
                            }
                        }
                    } else if (str.startsWith("last_handshake_time_nsec=") && key != null) {
                        parseLong = Long.parseLong(str.substring(25)) / 1000000;
                    }
                    j3 += parseLong;
                } else if (key != null) {
                    try {
                        j2 = Long.parseLong(str.substring(9));
                    } catch (NumberFormatException unused4) {
                        j2 = 0;
                    }
                }
            }
            j3 = 0;
        }
        if (key != null) {
            statistics.add(key, j, j2, j3);
        }
        return statistics;
    }

    @Override // com.wireguard.android.backend.Backend
    public String getVersion() {
        return wgVersion();
    }

    @Override // com.wireguard.android.backend.Backend
    public Tunnel.State setState(Tunnel tunnel, Tunnel.State state, Config config) throws Exception {
        Tunnel.State state2 = getState(tunnel);
        if (state == Tunnel.State.TOGGLE) {
            state = state2 == Tunnel.State.UP ? Tunnel.State.DOWN : Tunnel.State.UP;
        }
        if (state == state2 && tunnel == this.currentTunnel && config == this.currentConfig) {
            return state2;
        }
        if (state == Tunnel.State.UP) {
            Config config2 = this.currentConfig;
            Tunnel tunnel2 = this.currentTunnel;
            if (tunnel2 != null) {
                setStateInternal(tunnel2, null, Tunnel.State.DOWN);
            }
            try {
                setStateInternal(tunnel, config, state);
            } catch (Exception e) {
                if (tunnel2 != null) {
                    setStateInternal(tunnel2, config2, Tunnel.State.UP);
                }
                throw e;
            }
        } else if (state == Tunnel.State.DOWN && tunnel == this.currentTunnel) {
            setStateInternal(tunnel, null, Tunnel.State.DOWN);
        }
        return getState(tunnel);
    }
}
