package com.wireguard.android.backend;

import android.content.Context;
import android.net.Network;
import android.net.VpnService;
import android.os.Build;
import android.os.ParcelFileDescriptor;
import android.util.Log;
import com.wireguard.android.backend.BackendException;
import com.wireguard.android.backend.Tunnel;
import com.wireguard.android.util.SharedLibraryLoader;
import com.wireguard.config.Config;
import com.wireguard.config.InetNetwork;
import com.wireguard.config.Peer;
import java.io.File;
import java.io.FileDescriptor;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.util.Iterator;
import java.util.LinkedHashSet;

/* loaded from: classes3.dex */
public final class GoBackend {
    private static final String TAG = "WireGuard/" + GoBackend.class.getSimpleName();
    private final Context context;
    private Config currentConfig;
    private Tunnel currentTunnel;
    private int currentTunnelHandle = -1;
    private final File socketDirectory;
    private final ParentVpnService vpnService;

    /* loaded from: classes3.dex */
    public interface ParentVpnService {

        /* loaded from: classes3.dex */
        public interface Builder {
            void addAddress(InetAddress inetAddress, int i);

            void addAllowedApplication(String str);

            void addDisallowedApplication(String str);

            void addDnsServer(String str);

            void addRoute(InetAddress inetAddress, int i);

            ParcelFileDescriptor establish();

            void setBlocking(boolean z);

            void setMetered(boolean z);

            void setMtu(int i);

            void setSession(String str);
        }

        Object newBuilder();

        boolean protect(int i);

        void setUnderlyingNetworks(Network[] networkArr);
    }

    public GoBackend(Context context, ParentVpnService parentVpnService) {
        SharedLibraryLoader.loadSharedLibrary(context, "wg-go");
        this.context = context;
        this.vpnService = parentVpnService;
        this.socketDirectory = createSocketDirectory(context);
    }

    private File createSocketDirectory(Context context) {
        File file;
        try {
            file = new File(context.getApplicationContext().getCacheDir().getCanonicalFile(), "wireguard");
            try {
                if (file.exists() && ((!file.getCanonicalFile().equals(file.getAbsoluteFile())) || file.isFile())) {
                    try {
                        file.delete();
                    } catch (Throwable unused) {
                    }
                }
                if (!file.exists()) {
                    file.mkdirs();
                }
            } catch (Throwable unused2) {
            }
        } catch (Throwable unused3) {
            file = null;
        }
        if (file != null) {
            try {
                if (file.exists() && file.isDirectory()) {
                    if (file.getCanonicalFile().equals(file.getAbsoluteFile())) {
                        return file;
                    }
                }
            } catch (Throwable unused4) {
            }
        }
        return null;
    }

    private void setCompatBlocking(FileDescriptor fileDescriptor, boolean z) {
        if (Build.VERSION.SDK_INT >= 21) {
            return;
        }
        try {
            try {
                Method declaredMethod = Class.forName("libcore.io.IoUtils").getDeclaredMethod("setBlocking", FileDescriptor.class, Boolean.TYPE);
                declaredMethod.setAccessible(true);
                try {
                    declaredMethod.invoke(null, fileDescriptor, Boolean.valueOf(z));
                } catch (Throwable unused) {
                    Log.w(TAG, "Cannot set tunnel's fd as blocking=" + z);
                }
            } catch (Throwable unused2) {
                Log.w(TAG, "Cannot set tunnel's fd as blocking=" + z);
            }
        } catch (Throwable unused3) {
            Log.w(TAG, "Cannot set tunnel's fd as blocking=" + z);
        }
    }

    private void setStateInternal(Tunnel tunnel, Config config, Tunnel.State state) throws Exception {
        int i = Build.VERSION.SDK_INT;
        String str = TAG;
        Log.i(str, "Bringing tunnel " + tunnel.getName() + ' ' + state);
        if (state != Tunnel.State.UP) {
            int i2 = this.currentTunnelHandle;
            if (i2 == -1) {
                Log.w(str, "Tunnel already down");
                return;
            }
            wgTurnOff(i2);
            this.currentTunnel = null;
            this.currentTunnelHandle = -1;
            this.currentConfig = null;
        } else {
            if (config == null) {
                throw new BackendException(BackendException.Reason.TUNNEL_MISSING_CONFIG, new Object[0]);
            }
            if (VpnService.prepare(this.context) != null) {
                throw new BackendException(BackendException.Reason.VPN_NOT_AUTHORIZED, new Object[0]);
            }
            File file = this.socketDirectory;
            if (file == null || !file.exists() || !file.isDirectory() || !file.getCanonicalFile().equals(file.getAbsoluteFile())) {
                throw new BackendException(BackendException.Reason.NO_SOCKET_DIRECTORY, new Object[0]);
            }
            String canonicalPath = file.getCanonicalPath();
            ParentVpnService parentVpnService = this.vpnService;
            if (this.currentTunnelHandle != -1) {
                Log.w(str, "Tunnel already up");
                return;
            }
            String wgUserspaceString = config.toWgUserspaceString();
            ParentVpnService.Builder builder = (ParentVpnService.Builder) parentVpnService.newBuilder();
            builder.setSession(tunnel.getName());
            if (i >= 21) {
                boolean isBlacklist = config.getInterface().isBlacklist();
                LinkedHashSet linkedHashSet = new LinkedHashSet(config.getInterface().getApplicationList());
                if (isBlacklist) {
                    linkedHashSet.remove(this.context.getPackageName());
                    Iterator it = linkedHashSet.iterator();
                    while (it.hasNext()) {
                        String str2 = (String) it.next();
                        if (str2 != null) {
                            try {
                                builder.addDisallowedApplication(str2);
                            } catch (Throwable unused) {
                                Log.w(TAG, "package not installed: " + str2);
                            }
                        }
                    }
                } else {
                    linkedHashSet.add(this.context.getPackageName());
                    Iterator it2 = linkedHashSet.iterator();
                    while (it2.hasNext()) {
                        String str3 = (String) it2.next();
                        if (str3 != null) {
                            try {
                                builder.addAllowedApplication(str3);
                            } catch (Throwable unused2) {
                                Log.w(TAG, "package not installed: " + str3);
                            }
                        }
                    }
                }
            }
            for (InetNetwork inetNetwork : config.getInterface().getAddresses()) {
                builder.addAddress(inetNetwork.getAddress(), inetNetwork.getMask());
            }
            Iterator<InetAddress> it3 = config.getInterface().getDnsServers().iterator();
            while (it3.hasNext()) {
                builder.addDnsServer(it3.next().getHostAddress());
            }
            Iterator<Peer> it4 = config.getPeers().iterator();
            while (it4.hasNext()) {
                for (InetNetwork inetNetwork2 : it4.next().getAllowedIps()) {
                    builder.addRoute(inetNetwork2.getAddress(), inetNetwork2.getMask());
                }
            }
            builder.setMtu(config.getInterface().getMtu().orElse(1280).intValue());
            if (i >= 29) {
                builder.setMetered(false);
            }
            if (i >= 23) {
                parentVpnService.setUnderlyingNetworks(null);
            }
            if (i >= 21) {
                builder.setBlocking(true);
            }
            ParcelFileDescriptor establish = builder.establish();
            try {
                if (establish == null) {
                    throw new BackendException(BackendException.Reason.TUN_CREATION_ERROR, new Object[0]);
                }
                setCompatBlocking(establish.getFileDescriptor(), true);
                Log.d(TAG, "Go backend v" + wgVersion());
                this.currentTunnelHandle = wgTurnOn(canonicalPath, tunnel.getName(), establish.detachFd(), wgUserspaceString);
                if (establish != null) {
                    establish.close();
                }
                int i3 = this.currentTunnelHandle;
                if (i3 < 0) {
                    throw new BackendException(BackendException.Reason.GO_ACTIVATION_ERROR_CODE, Integer.valueOf(this.currentTunnelHandle));
                }
                this.currentTunnel = tunnel;
                this.currentConfig = config;
                parentVpnService.protect(wgGetSocketV4(i3));
                parentVpnService.protect(wgGetSocketV6(this.currentTunnelHandle));
            } finally {
            }
        }
        tunnel.onStateChange(state);
    }

    private static native String wgGetConfig(int i);

    private static native int wgGetSocketV4(int i);

    private static native int wgGetSocketV6(int i);

    private static native void wgTurnOff(int i);

    private static native int wgTurnOn(String str, String str2, int i, String str3);

    private static native String wgVersion();

    public String getNativeStatistics(Tunnel tunnel) {
        if (tunnel != this.currentTunnel) {
            return null;
        }
        try {
            return wgGetConfig(this.currentTunnelHandle);
        } catch (Throwable unused) {
            return null;
        }
    }

    public Tunnel.State getState(Tunnel tunnel) {
        return this.currentTunnel == tunnel ? Tunnel.State.UP : Tunnel.State.DOWN;
    }

    public Tunnel.State setState(Tunnel tunnel, Tunnel.State state, Config config) throws Exception {
        Tunnel.State state2 = getState(tunnel);
        if (state == Tunnel.State.TOGGLE && state2 == (state = Tunnel.State.UP)) {
            state = Tunnel.State.DOWN;
        }
        if (state == state2 && tunnel == this.currentTunnel && config == this.currentConfig) {
            return state2;
        }
        if (state == Tunnel.State.UP) {
            Config config2 = this.currentConfig;
            Tunnel tunnel2 = this.currentTunnel;
            if (tunnel2 != null) {
                setStateInternal(tunnel2, null, Tunnel.State.DOWN);
            }
            try {
                setStateInternal(tunnel, config, state);
            } catch (Exception e) {
                if (tunnel2 != null) {
                    setStateInternal(tunnel2, config2, Tunnel.State.UP);
                }
                throw e;
            }
        } else {
            Tunnel.State state3 = Tunnel.State.DOWN;
            if (state == state3 && tunnel == this.currentTunnel) {
                setStateInternal(tunnel, null, state3);
            }
        }
        return getState(tunnel);
    }
}
