package com.wireguard.android.backend;

import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.SharedPreferences;
import android.net.VpnService;
import android.os.Build;
import android.os.ParcelFileDescriptor;
import android.os.SystemClock;
import android.preference.PreferenceManager;
import androidx.annotation.Nullable;
import androidx.collection.ArraySet;
import androidx.core.content.ContextCompat;
import com.surfshark.vpnclient.android.core.feature.vpn.ConnectionSetup;
import com.wireguard.Action;
import com.wireguard.WireguardCore;
import com.wireguard.android.backend.BackendException;
import com.wireguard.android.backend.Tunnel;
import com.wireguard.android.util.IPRange;
import com.wireguard.android.util.IPRangeSet;
import com.wireguard.android.util.NetworkUtils;
import com.wireguard.android.util.ServiceNotification;
import com.wireguard.android.util.SharedLibraryLoader;
import com.wireguard.android.util.UtilsKt;
import com.wireguard.config.Config;
import com.wireguard.config.InetNetwork;
import com.wireguard.config.Peer;
import com.wireguard.delegate.WireguardDelegate;
import com.wireguard.log.Logger;
import com.wireguard.model.ObservableTunnel;
import java.net.InetAddress;
import java.util.Collections;
import java.util.Iterator;
import java.util.Objects;
import java.util.Set;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.FutureTask;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

/* loaded from: classes4.dex */
public final class Backend {
    public static final String KILL_SWITCH_ENABLED = "kill_switch_enabled";
    public static final String VPN_CONNECTION_TIME = "vpn_connection_time";

    @Nullable
    private static AlwaysOnCallback alwaysOnCallback;
    private static volatile boolean killSwitchMode;
    private static CompletableFuture<VpnService> vpnService = new CompletableFuture<>();
    private final Context context;

    @Nullable
    private volatile Config currentConfig;

    @Nullable
    private volatile Tunnel currentTunnel;

    @Nullable
    private Timer mConnectionTimeTimer;

    @Nullable
    private KillSwitch mKillSwitch;
    private long mLastStart;

    @Nullable
    private ServiceNotification mServiceNotification;
    private volatile boolean mShowNotification;
    private volatile Tunnel.State currentState = Tunnel.State.Disabled;
    private volatile int currentTunnelHandle = -1;
    private final SharedPreferences mSharedPrefs = PreferenceManager.getDefaultSharedPreferences(WireguardCore.app);
    private final BroadcastReceiver onDisconnectReceiver = new BroadcastReceiver() { // from class: com.wireguard.android.backend.Backend.1
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            Backend.this.stopConnection();
        }
    };
    private final BroadcastReceiver onStopKillSwitchReceiver = new BroadcastReceiver() { // from class: com.wireguard.android.backend.Backend.2
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            if ((Backend.this.currentState == Tunnel.State.Disabled || Backend.this.currentState == Tunnel.State.Disconnecting) && Backend.isKillSwitchMode()) {
                Backend.this.mServiceNotification.destroy();
                boolean unused = Backend.killSwitchMode = false;
                if (Backend.this.mKillSwitch != null) {
                    Backend.this.mKillSwitch.closeBlocking();
                }
                Backend.this.stopVpnService();
            }
        }
    };

    /* loaded from: classes4.dex */
    public interface AlwaysOnCallback {
        void alwaysOnTriggered();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes4.dex */
    public static final class CompletableFuture<V> {
        private final LinkedBlockingQueue<V> completion;
        private final FutureTask<V> result;

        private CompletableFuture() {
            final LinkedBlockingQueue<V> linkedBlockingQueue = new LinkedBlockingQueue<>(1);
            this.completion = linkedBlockingQueue;
            Objects.requireNonNull(linkedBlockingQueue);
            this.result = new FutureTask<>(new Callable() { // from class: com.wireguard.android.backend.-$$Lambda$U6PwMKFbAxRqSNyMoKVudgEXCsA
                @Override // java.util.concurrent.Callable
                public final Object call() {
                    return linkedBlockingQueue.peek();
                }
            });
        }

        public boolean complete(V v) {
            boolean offer = this.completion.offer(v);
            if (offer) {
                this.result.run();
            }
            return offer;
        }

        public V get() throws ExecutionException, InterruptedException {
            return this.result.get();
        }

        public V get(long j, TimeUnit timeUnit) throws ExecutionException, InterruptedException, TimeoutException {
            return this.result.get(j, timeUnit);
        }

        public boolean isDone() {
            return !this.completion.isEmpty();
        }

        public CompletableFuture<V> newIncompleteFuture() {
            return new CompletableFuture<>();
        }
    }

    /* loaded from: classes4.dex */
    public static class VpnService extends android.net.VpnService {

        @Nullable
        private Backend owner;

        public VpnService.Builder getBuilder() {
            return new VpnService.Builder(this);
        }

        @Override // android.app.Service
        public void onCreate() {
            Backend.vpnService.complete(this);
            super.onCreate();
        }

        @Override // android.app.Service
        public void onDestroy() {
            Backend backend = this.owner;
            if (backend != null) {
                try {
                    Tunnel tunnel = backend.currentTunnel;
                    if (tunnel != null) {
                        if (this.owner.currentTunnelHandle != -1) {
                            Backend.wgTurnOff(this.owner.currentTunnelHandle);
                        }
                        this.owner.currentTunnel = null;
                        this.owner.currentTunnelHandle = -1;
                        this.owner.currentConfig = null;
                        tunnel.onStateChange(Tunnel.State.Disabled);
                    }
                    unregisterReceiver(this.owner.onDisconnectReceiver);
                    unregisterReceiver(this.owner.onStopKillSwitchReceiver);
                } catch (Exception unused) {
                }
            }
            WireguardDelegate.Companion companion = WireguardDelegate.INSTANCE;
            Objects.requireNonNull(companion);
            companion.vpnServiceStopped();
            CompletableFuture unused2 = Backend.vpnService = Backend.vpnService.newIncompleteFuture();
            super.onDestroy();
        }

        @Override // android.net.VpnService
        public void onRevoke() {
            super.onRevoke();
            Backend backend = this.owner;
            if (backend != null) {
                backend.stopConnection();
            }
            WireguardDelegate.Companion companion = WireguardDelegate.INSTANCE;
            Objects.requireNonNull(companion);
            companion.vpnRevoked(this);
        }

        @Override // android.app.Service
        public int onStartCommand(@Nullable Intent intent, int i, int i2) {
            Backend.vpnService.complete(this);
            if (intent == null || intent.getComponent() == null || !intent.getComponent().getPackageName().equals(getPackageName())) {
                Logger.INSTANCE.d("Backend", "Service started by Always-on VPN feature");
                if (Backend.alwaysOnCallback != null) {
                    Backend.alwaysOnCallback.alwaysOnTriggered();
                }
            }
            return super.onStartCommand(intent, i, i2);
        }

        public void setOwner(Backend backend) {
            this.owner = backend;
            registerReceiver(backend.onDisconnectReceiver, new IntentFilter(Action.CLOSE));
            registerReceiver(backend.onStopKillSwitchReceiver, new IntentFilter(Action.STOP_KILL_SWITCH));
        }
    }

    public Backend(Context context) {
        SharedLibraryLoader.loadSharedLibrary(context, "wg-go");
        this.context = context;
    }

    private boolean checkNetworkIsWhitelisted() {
        WireguardDelegate.Companion companion = WireguardDelegate.INSTANCE;
        Objects.requireNonNull(companion);
        return companion.isNetworkWhitelisted();
    }

    public static boolean isKillSwitchMode() {
        return killSwitchMode;
    }

    private void onException(Tunnel tunnel) {
        tunnel.onStateChange(Tunnel.State.Disabled);
        stopConnection();
        stopVpnService();
    }

    private void onStateChange(Tunnel tunnel, Tunnel.State state) {
        onStateChange(tunnel, state, this.currentConfig, false);
    }

    private void onStateChange(Tunnel tunnel, Tunnel.State state, Config config, boolean z) {
        this.currentState = state;
        if (z) {
            return;
        }
        tunnel.onStateChange(state);
        if (!this.mShowNotification || config == null) {
            return;
        }
        this.mServiceNotification.show(state, config.getProfileName());
    }

    public static void setAlwaysOnCallback(@Nullable AlwaysOnCallback alwaysOnCallback2) {
        alwaysOnCallback = alwaysOnCallback2;
    }

    private void setStateInternal(Tunnel tunnel, @Nullable Config config, Tunnel.State state, boolean z) {
        Logger logger = Logger.INSTANCE;
        logger.i("Backend", "Bringing tunnel " + tunnel.getName() + ' ' + state);
        try {
            if (state != Tunnel.State.Connected) {
                stopConnection(tunnel);
                return;
            }
            if (config == null) {
                throw new BackendException(BackendException.Reason.TUNNEL_MISSING_CONFIG, new Object[0]);
            }
            if (android.net.VpnService.prepare(this.context) != null) {
                throw new BackendException(BackendException.Reason.VPN_NOT_AUTHORIZED, new Object[0]);
            }
            if (!vpnService.isDone()) {
                startVpnService();
            }
            try {
                VpnService vpnService2 = vpnService.get(2L, TimeUnit.SECONDS);
                vpnService2.setOwner(this);
                this.mServiceNotification = new ServiceNotification(vpnService2);
                this.mShowNotification = true;
                if (!z) {
                    this.mServiceNotification.show(Tunnel.State.Connecting, config.getProfileName());
                }
                if (this.currentTunnelHandle != -1) {
                    logger.w("Backend", "Tunnel already up");
                    return;
                }
                if (!z) {
                    logger.deleteFileMaybe();
                }
                logger.d("Backend", "Connecting to config: \n" + config.toWgQuickString());
                this.mKillSwitch = new KillSwitch(vpnService2, config);
                onStateChange(tunnel, Tunnel.State.Connecting, config, z);
                if (!z) {
                    tunnel.onConnectionProgressChange(50);
                }
                String wgUserspaceString = config.toWgUserspaceString();
                VpnService.Builder builder = vpnService2.getBuilder();
                builder.setSession(config.getProfileName());
                WireguardDelegate.Companion companion = WireguardDelegate.INSTANCE;
                Objects.requireNonNull(companion);
                builder.setConfigureIntent(companion.getMainPendingIntent(vpnService2));
                Iterator<String> it = config.getInterface().getExcludedApplications().iterator();
                while (it.hasNext()) {
                    try {
                        builder.addDisallowedApplication(it.next());
                    } catch (Exception e) {
                        UtilsKt.printLog(e);
                    }
                }
                Iterator<String> it2 = config.getInterface().getIncludedApplications().iterator();
                while (it2.hasNext()) {
                    try {
                        builder.addAllowedApplication(it2.next());
                    } catch (Exception e2) {
                        UtilsKt.printLog(e2);
                    }
                }
                for (InetNetwork inetNetwork : config.getInterface().getAddresses()) {
                    builder.addAddress(inetNetwork.getAddress(), inetNetwork.getMask());
                }
                Iterator<InetAddress> it3 = config.getInterface().getDnsServers().iterator();
                while (it3.hasNext()) {
                    builder.addDnsServer(it3.next().getHostAddress());
                }
                IPRangeSet iPRangeSet = new IPRangeSet();
                IPRangeSet iPRangeSet2 = new IPRangeSet();
                if (!config.getInterface().isEnableIpv6().booleanValue()) {
                    iPRangeSet.add(IPRangeSet.INSTANCE.fromString(ConnectionSetup.INCLUDED_SUBNETS_IPV6));
                    builder.addAddress("fd00::1", 64);
                }
                for (Peer peer : config.getPeers()) {
                    Iterator<InetNetwork> it4 = peer.getAllowedIps().iterator();
                    while (it4.hasNext()) {
                        iPRangeSet.add(IPRangeSet.INSTANCE.fromString(it4.next().toString()));
                    }
                    Iterator<InetNetwork> it5 = peer.getExcludedIps().iterator();
                    while (it5.hasNext()) {
                        iPRangeSet2.add(IPRangeSet.INSTANCE.fromString(it5.next().toString()));
                    }
                    if (peer.isBypassLocalLan().booleanValue()) {
                        iPRangeSet2.add(IPRangeSet.INSTANCE.fromString(NetworkUtils.INSTANCE.getLocalNetworks(this.context, false)));
                    }
                }
                iPRangeSet2.add(IPRangeSet.INSTANCE.fromString(NetworkUtils.INSTANCE.getLocalNetworks(this.context, true)));
                iPRangeSet.remove(iPRangeSet2);
                IPRange iPRange = new IPRange("224.0.0.0", 3);
                Iterator<IPRange> subnets = iPRangeSet.subnets();
                while (subnets.hasNext()) {
                    IPRange next = subnets.next();
                    try {
                        if (iPRange.contains(next)) {
                            Logger.INSTANCE.d("Backend", "Ignoring multicast route " + next);
                        } else {
                            builder.addRoute(next.getFrom(), next.getPrefix().intValue());
                        }
                    } catch (IllegalArgumentException e3) {
                        if (next.getFrom().isMulticastAddress()) {
                            throw e3;
                        }
                    }
                }
                builder.setMtu(config.getInterface().getMtu().orElse(1280).intValue());
                int i = Build.VERSION.SDK_INT;
                if (i >= 29) {
                    builder.setMetered(false);
                }
                if (i >= 23) {
                    builder.setUnderlyingNetworks(null);
                }
                if (config.getInterface().isForwardDns().booleanValue()) {
                    builder.addDnsServer(config.getPeers().get(0).getEndpoint().get().getHost());
                }
                builder.setBlocking(true);
                ParcelFileDescriptor establish = builder.establish();
                try {
                    if (establish == null) {
                        throw new BackendException(BackendException.Reason.TUN_CREATION_ERROR, new Object[0]);
                    }
                    Logger.INSTANCE.d("Backend", "Go backend v" + wgVersion());
                    this.currentTunnelHandle = wgTurnOn(tunnel.getName(), establish.detachFd(), wgUserspaceString);
                    establish.close();
                    if (this.currentTunnelHandle < 0) {
                        throw new BackendException(BackendException.Reason.GO_ACTIVATION_ERROR_CODE, Integer.valueOf(this.currentTunnelHandle));
                    }
                    this.currentTunnel = tunnel;
                    this.currentConfig = config;
                    vpnService2.protect(wgGetSocketV4(this.currentTunnelHandle));
                    vpnService2.protect(wgGetSocketV6(this.currentTunnelHandle));
                    if (!z) {
                        this.mSharedPrefs.edit().putBoolean("vpn_connected", true).apply();
                        startConnectionTimeTimer();
                        this.mSharedPrefs.edit().putLong("vpn_connection_time_start", SystemClock.elapsedRealtime()).apply();
                    }
                    onStateChange(tunnel, Tunnel.State.Connected, config, z);
                    if (killSwitchMode) {
                        KillSwitch killSwitch = this.mKillSwitch;
                        if (killSwitch != null) {
                            killSwitch.closeBlocking();
                        }
                        killSwitchMode = false;
                    }
                } finally {
                }
            } catch (TimeoutException e4) {
                BackendException backendException = new BackendException(BackendException.Reason.UNABLE_TO_START_VPN, new Object[0]);
                backendException.initCause(e4);
                throw backendException;
            }
        } catch (Exception e5) {
            UtilsKt.printLog(e5);
            onException(tunnel);
        }
    }

    private boolean shouldStartKillSwitch() {
        return !killSwitchMode && this.currentState == Tunnel.State.Disabled && this.mSharedPrefs.getBoolean("kill_switch_enabled", false) && !checkNetworkIsWhitelisted();
    }

    private void startConnectionTimeTimer() {
        this.mLastStart = SystemClock.elapsedRealtime() / 1000;
        Timer timer = new Timer();
        this.mConnectionTimeTimer = timer;
        timer.scheduleAtFixedRate(new TimerTask() { // from class: com.wireguard.android.backend.Backend.3
            @Override // java.util.TimerTask, java.lang.Runnable
            public void run() {
                Backend.this.mSharedPrefs.edit().putLong("vpn_connection_time", Backend.this.mSharedPrefs.getLong("vpn_connection_time", 0L) + 3600).apply();
                Backend.this.mLastStart = SystemClock.elapsedRealtime() / 1000;
            }
        }, 3600000L, 3600000L);
    }

    private void startVpnService() {
        Logger.INSTANCE.d("Backend", "Requesting to start VpnService");
        ContextCompat.startForegroundService(this.context, new Intent(this.context, (Class<?>) VpnService.class));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void stopConnection() {
        if (this.currentTunnel != null) {
            stopConnection(this.currentTunnel);
        }
    }

    private void stopConnection(Tunnel tunnel) {
        if (this.currentTunnelHandle == -1) {
            Logger.INSTANCE.w("Backend", "Tunnel already down");
            return;
        }
        onStateChange(tunnel, Tunnel.State.Disconnecting);
        this.mShowNotification = false;
        stopTunnel();
        this.mSharedPrefs.edit().putBoolean("vpn_connected", false).apply();
        stopConnectionTimeTimer();
        onStateChange(tunnel, Tunnel.State.Disabled);
        if (!shouldStartKillSwitch()) {
            this.mServiceNotification.destroy();
            stopVpnService();
        } else {
            killSwitchMode = true;
            this.mServiceNotification.showKillSwitchNotification();
            this.mKillSwitch.establishBlocking();
        }
    }

    private void stopConnectionTimeTimer() {
        Timer timer = this.mConnectionTimeTimer;
        if (timer != null) {
            timer.cancel();
            this.mConnectionTimeTimer = null;
            this.mSharedPrefs.edit().putLong("vpn_connection_time", this.mSharedPrefs.getLong("vpn_connection_time", 0L) + ((SystemClock.elapsedRealtime() / 1000) - this.mLastStart)).apply();
        }
    }

    private void stopTunnel() {
        if (this.currentTunnelHandle != -1) {
            wgTurnOff(this.currentTunnelHandle);
            this.currentTunnel = null;
            this.currentTunnelHandle = -1;
            this.currentConfig = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void stopVpnService() {
        try {
            vpnService.get().stopSelf();
        } catch (Exception unused) {
        }
    }

    private static native String wgGetConfig(int i);

    private static native int wgGetSocketV4(int i);

    private static native int wgGetSocketV6(int i);

    /* JADX INFO: Access modifiers changed from: private */
    public static native void wgTurnOff(int i);

    private static native int wgTurnOn(String str, int i, String str2);

    private static native String wgVersion();

    public Set<String> getRunningTunnelNames() {
        if (this.currentTunnel == null) {
            return Collections.emptySet();
        }
        ArraySet arraySet = new ArraySet();
        arraySet.add(this.currentTunnel.getName());
        return arraySet;
    }

    public Tunnel.State setState(Tunnel tunnel, Tunnel.State state, @Nullable Config config, boolean z) {
        Tunnel.State state2 = this.currentState;
        if (state == state2 && tunnel == this.currentTunnel && config == this.currentConfig) {
            return state2;
        }
        if (state == Tunnel.State.Connected) {
            if (this.currentTunnel != null) {
                stopTunnel();
            }
            setStateInternal(tunnel, config, state, z);
        } else {
            Tunnel.State state3 = Tunnel.State.Disabled;
            if (state == state3 && tunnel == this.currentTunnel) {
                setStateInternal(tunnel, null, state3, z);
            }
        }
        return this.currentState;
    }

    public void startKillSwitch() {
        ObservableTunnel loadTunnel;
        if (shouldStartKillSwitch() && (loadTunnel = WireguardCore.tunnelManager.loadTunnel()) != null) {
            if (!vpnService.isDone()) {
                startVpnService();
            }
            try {
                VpnService vpnService2 = vpnService.get(2L, TimeUnit.SECONDS);
                vpnService2.setOwner(this);
                ServiceNotification serviceNotification = new ServiceNotification(vpnService2);
                this.mServiceNotification = serviceNotification;
                serviceNotification.showKillSwitchNotification();
                killSwitchMode = true;
                Config config = loadTunnel.getConfig();
                Objects.requireNonNull(config);
                KillSwitch killSwitch = new KillSwitch(vpnService2, config);
                this.mKillSwitch = killSwitch;
                killSwitch.establishBlocking();
            } catch (Exception e) {
                UtilsKt.printLog(e);
            }
        }
    }
}
