package org.torproject.android.service.vpn;

import IPtProxy.IPtProxy;
import IPtProxy.PacketFlow;
import android.content.Intent;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.Build;
import android.os.Handler;
import android.os.Looper;
import android.os.Message;
import android.os.ParcelFileDescriptor;
import android.util.Log;
import android.widget.Toast;
import com.runjva.sourceforge.jsocks.protocol.ProxyServer;
import com.runjva.sourceforge.jsocks.server.ServerAuthenticatorNone;
import java.io.DataOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.pcap4j.packet.IllegalRawDataException;
import org.pcap4j.packet.IpPacket;
import org.pcap4j.packet.IpSelector;
import org.pcap4j.packet.Packet;
import org.pcap4j.packet.UdpPacket;
import org.pcap4j.packet.namednumber.IpNumber;
import org.pcap4j.packet.namednumber.UdpPort;
import org.torproject.android.service.OrbotConstants;
import org.torproject.android.service.OrbotService;
import org.torproject.android.service.R;
import org.torproject.android.service.util.Prefs;

/* loaded from: classes3.dex */
public class OrbotVpnManager implements Handler.Callback, OrbotConstants {
    private static final int DELAY_FD_LISTEN_MS = 5000;
    public static final String FAKE_DNS = "10.10.10.10";
    private static final String TAG = "OrbotVpnService";
    private static final boolean mIsLollipop;
    private static final String mSessionName = "OrbotVPN";
    public static String sSocksProxyLocalhost;
    public static int sSocksProxyServerPort;
    private FileInputStream fis;
    private DataOutputStream fos;
    private DNSResolver mDnsResolver;
    private ParcelFileDescriptor mInterface;
    private final VpnService mService;
    private ProxyServer mSocksProxyServer;
    private Thread mThreadPacket;
    private final SharedPreferences prefs;
    boolean isStarted = false;
    private int mTorSocks = -1;
    private int mTorDns = -1;
    private final ExecutorService mExec = Executors.newFixedThreadPool(10);
    private boolean keepRunningPacket = false;

    static {
        mIsLollipop = Build.VERSION.SDK_INT >= 21;
        sSocksProxyServerPort = -1;
        sSocksProxyLocalhost = null;
    }

    public OrbotVpnManager(OrbotService orbotService) {
        this.mService = orbotService;
        this.prefs = Prefs.getSharedPrefs(orbotService.getApplicationContext());
    }

    private void doLollipopAppRouting(VpnService.Builder builder) throws PackageManager.NameNotFoundException {
        ArrayList<TorifiedApp> apps = TorifiedApp.getApps(this.mService, this.prefs);
        boolean z = !isVpnLockdown(this.mService);
        Iterator<TorifiedApp> it = apps.iterator();
        boolean z2 = false;
        while (it.hasNext()) {
            TorifiedApp next = it.next();
            if (next.isTorified() && !next.getPackageName().equals(this.mService.getPackageName())) {
                if (this.prefs.getBoolean(next.getPackageName() + OrbotConstants.APP_TOR_KEY, true)) {
                    builder.addAllowedApplication(next.getPackageName());
                }
                z2 = true;
            }
        }
        if (!z2 && z) {
            builder.addDisallowedApplication(this.mService.getPackageName());
            Iterator<String> it2 = OrbotConstants.BYPASS_VPN_PACKAGES.iterator();
            while (it2.hasNext()) {
                builder.addDisallowedApplication(it2.next());
            }
            return;
        }
        StringBuilder sb = new StringBuilder();
        sb.append("Skip bypass perApp? ");
        sb.append(z2);
        sb.append(" vpnLockdown? ");
        sb.append(!z);
        Log.i(TAG, sb.toString());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isPacketDNS(IpPacket ipPacket) {
        return ipPacket.getHeader().getProtocol() == IpNumber.UDP && ((UdpPacket) ipPacket.getPayload()).getHeader().getDstPort() == UdpPort.DOMAIN;
    }

    private boolean isVpnLockdown(VpnService vpnService) {
        if (Build.VERSION.SDK_INT >= 29) {
            return vpnService.isLockdownEnabled();
        }
        return false;
    }

    private synchronized void setupTun2Socks(VpnService.Builder builder) {
        try {
            builder.addAddress("192.168.50.1", 24).addRoute("0.0.0.0", 0).setSession(this.mService.getString(R.string.orbot_vpn)).addDnsServer(FAKE_DNS).addRoute(FAKE_DNS, 32);
            boolean z = mIsLollipop;
            if (z) {
                doLollipopAppRouting(builder);
            }
            if (Build.VERSION.SDK_INT >= 29) {
                builder.setMetered(false);
            }
            builder.setSession(mSessionName).setConfigureIntent(null);
            if (z) {
                builder.setBlocking(true);
            }
            this.mInterface = builder.establish();
            this.mDnsResolver = new DNSResolver(this.mTorDns);
            new Handler(Looper.getMainLooper()).postDelayed(new Runnable() { // from class: org.torproject.android.service.vpn.OrbotVpnManager$$ExternalSyntheticLambda1
                @Override // java.lang.Runnable
                public final void run() {
                    OrbotVpnManager.this.m1462x65e817da();
                }
            }, 5000L);
        } catch (Exception e) {
            Log.d(TAG, "VPN tun setup has stopped", e);
        }
    }

    private void startListeningToFD(String str) throws IOException {
        if (this.mInterface == null) {
            return;
        }
        this.fis = new FileInputStream(this.mInterface.getFileDescriptor());
        this.fos = new DataOutputStream(new FileOutputStream(this.mInterface.getFileDescriptor()));
        final PacketFlow packetFlow = new PacketFlow() { // from class: org.torproject.android.service.vpn.OrbotVpnManager$$ExternalSyntheticLambda0
            @Override // IPtProxy.PacketFlow
            public final void writePacket(byte[] bArr) {
                OrbotVpnManager.this.m1463x86c081b4(bArr);
            }
        };
        IPtProxy.startSocks(packetFlow, str, this.mTorSocks);
        Thread thread = new Thread() { // from class: org.torproject.android.service.vpn.OrbotVpnManager.2
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                byte[] bArr = new byte[65534];
                OrbotVpnManager.this.keepRunningPacket = true;
                while (OrbotVpnManager.this.keepRunningPacket) {
                    try {
                        int read = OrbotVpnManager.this.fis.read(bArr);
                        if (read > 0) {
                            byte[] copyOf = Arrays.copyOf(bArr, read);
                            try {
                                Packet newPacket = IpSelector.newPacket(copyOf, 0, copyOf.length);
                                if (newPacket instanceof IpPacket) {
                                    IpPacket ipPacket = (IpPacket) newPacket;
                                    if (OrbotVpnManager.isPacketDNS(ipPacket)) {
                                        OrbotVpnManager.this.mExec.execute(new RequestPacketHandler(ipPacket, packetFlow, OrbotVpnManager.this.mDnsResolver));
                                    } else {
                                        IPtProxy.inputPacket(copyOf);
                                    }
                                }
                            } catch (IllegalRawDataException e) {
                                Log.e(OrbotVpnManager.TAG, e.getLocalizedMessage());
                            }
                        }
                    } catch (Exception e2) {
                        Log.d(OrbotVpnManager.TAG, "error reading from VPN fd: " + e2.getLocalizedMessage());
                    }
                }
            }
        };
        this.mThreadPacket = thread;
        thread.start();
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [org.torproject.android.service.vpn.OrbotVpnManager$1] */
    private void startSocksBypass() {
        new Thread() { // from class: org.torproject.android.service.vpn.OrbotVpnManager.1
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                if (OrbotVpnManager.sSocksProxyServerPort == -1) {
                    try {
                        OrbotVpnManager.sSocksProxyLocalhost = OrbotConstants.IP_LOCALHOST;
                        OrbotVpnManager.sSocksProxyServerPort = (int) ((Math.random() * 1000.0d) + 10000.0d);
                    } catch (Exception e) {
                        Log.e(OrbotVpnManager.TAG, "Unable to access localhost", e);
                        throw new RuntimeException("Unable to access localhost: " + e);
                    }
                }
                if (OrbotVpnManager.this.mSocksProxyServer != null) {
                    OrbotVpnManager.this.stopSocksBypass();
                }
                try {
                    OrbotVpnManager.this.mSocksProxyServer = new ProxyServer(new ServerAuthenticatorNone(null, null));
                    ProxyServer.setVpnService(OrbotVpnManager.this.mService);
                    OrbotVpnManager.this.mSocksProxyServer.start(OrbotVpnManager.sSocksProxyServerPort, 5, InetAddress.getLocalHost());
                } catch (Exception e2) {
                    Log.e(OrbotVpnManager.TAG, "error getting host", e2);
                }
            }
        }.start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void stopSocksBypass() {
        ProxyServer proxyServer = this.mSocksProxyServer;
        if (proxyServer != null) {
            proxyServer.stop();
            this.mSocksProxyServer = null;
        }
    }

    private void stopVPN() {
        if (!mIsLollipop) {
            stopSocksBypass();
        }
        this.keepRunningPacket = false;
        if (this.mInterface != null) {
            try {
                Log.d(TAG, "closing interface, destroying VPN interface");
                IPtProxy.stopSocks();
                FileInputStream fileInputStream = this.fis;
                if (fileInputStream != null) {
                    fileInputStream.close();
                    this.fis = null;
                }
                DataOutputStream dataOutputStream = this.fos;
                if (dataOutputStream != null) {
                    dataOutputStream.close();
                    this.fos = null;
                }
                this.mInterface.close();
                this.mInterface = null;
            } catch (Error e) {
                Log.d(TAG, "error stopping tun2socks", e);
            } catch (Exception e2) {
                Log.d(TAG, "error stopping tun2socks", e2);
            }
        }
        Thread thread = this.mThreadPacket;
        if (thread == null || !thread.isAlive()) {
            return;
        }
        this.mThreadPacket.interrupt();
    }

    public int handleIntent(VpnService.Builder builder, Intent intent) {
        String action;
        if (intent != null && (action = intent.getAction()) != null) {
            if (action.equals(OrbotConstants.ACTION_START_VPN) || action.equals("org.torproject.android.intent.action.START")) {
                Log.d(TAG, "starting VPN");
                this.isStarted = true;
            } else if (action.equals(OrbotConstants.ACTION_STOP_VPN) || action.equals(OrbotConstants.ACTION_STOP)) {
                this.isStarted = false;
                Log.d(TAG, "stopping VPN");
                stopVPN();
                this.mTorSocks = -1;
                this.mTorDns = -1;
            } else if (action.equals(OrbotConstants.LOCAL_ACTION_PORTS)) {
                Log.d(TAG, "setting VPN ports");
                int intExtra = intent.getIntExtra(OrbotConstants.EXTRA_SOCKS_PROXY_PORT, -1);
                intent.getIntExtra(OrbotConstants.EXTRA_HTTP_PROXY_PORT, -1);
                int intExtra2 = intent.getIntExtra(OrbotConstants.EXTRA_DNS_PORT, -1);
                if (intExtra != -1 && intExtra != this.mTorSocks && intExtra2 != -1 && intExtra2 != this.mTorDns) {
                    this.mTorSocks = intExtra;
                    this.mTorDns = intExtra2;
                    if (!mIsLollipop) {
                        startSocksBypass();
                    }
                    setupTun2Socks(builder);
                }
            }
        }
        return 1;
    }

    @Override // android.os.Handler.Callback
    public boolean handleMessage(Message message) {
        if (message == null) {
            return true;
        }
        Toast.makeText(this.mService, message.what, 0).show();
        return true;
    }

    public boolean isStarted() {
        return this.isStarted;
    }

    /* renamed from: lambda$setupTun2Socks$0$org-torproject-android-service-vpn-OrbotVpnManager, reason: not valid java name */
    public /* synthetic */ void m1462x65e817da() {
        try {
            startListeningToFD(OrbotConstants.IP_LOCALHOST);
        } catch (IOException e) {
            Log.d(TAG, "VPN tun listening has stopped", e);
        }
    }

    /* renamed from: lambda$startListeningToFD$1$org-torproject-android-service-vpn-OrbotVpnManager, reason: not valid java name */
    public /* synthetic */ void m1463x86c081b4(byte[] bArr) {
        try {
            this.fos.write(bArr);
        } catch (IOException e) {
            Log.e(TAG, "error writing to VPN fd", e);
        }
    }

    public void restartVPN(VpnService.Builder builder) {
        stopVPN();
        if (!mIsLollipop) {
            startSocksBypass();
        }
        setupTun2Socks(builder);
    }
}
