package org.outline.vpn;

import android.app.NotificationChannel;
import android.app.NotificationManager;
import android.content.Intent;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageManager;
import android.content.res.Resources;
import android.net.ConnectivityManager;
import android.net.Network;
import android.net.NetworkInfo;
import android.net.NetworkRequest;
import android.net.VpnService;
import android.os.Binder;
import android.os.Build;
import android.os.IBinder;
import androidx.autofill.HintConstants;
import androidx.core.app.NotificationCompat;
import androidx.core.content.ContextCompat;
import com.squareup.otto.Bus;
import io.sentry.protocol.Request;
import java.util.Locale;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.json.JSONException;
import org.json.JSONObject;
import org.outline.shadowsocks.ShadowsocksConfig;
import shadowsocks.Client;
import shadowsocks.Config;
import shadowsocks.Shadowsocks;

/* loaded from: classes3.dex */
public class VpnTunnelService extends VpnService {
    private static final Logger LOG = Logger.getLogger(VpnTunnelService.class.getName());
    private static final String NOTIFICATION_CHANNEL_ID = "outline-vpn";
    public static final String NOTIFICATION_CHANNEL_KEY = "de.blinkt.openvpn.openvpn.default_notification_channel_id";
    private static final int NOTIFICATION_COLOR = 49061;
    public static final String NOTIFICATION_COLOR_KEY = "de.blinkt.openvpn.openvpn.default_notification_color";
    public static final String NOTIFICATION_ICON_KEY = "de.blinkt.openvpn.openvpn.default_notification_icon";
    private static final int NOTIFICATION_SERVICE_ID = 1;
    public static final String STATUS_BROADCAST_KEY = "onStatusChange";
    private static final String TUNNEL_CONFIG_KEY = "config";
    private static final String TUNNEL_ID_KEY = "id";
    private final IBinder binder = new LocalBinder();
    private String defaultNotificationChannel;
    private int defaultNotificationColor;
    private int defaultNotificationIcon;
    private String lastChannel;
    private NetworkConnectivityMonitor networkConnectivityMonitor;
    private NotificationCompat.Builder notificationBuilder;
    private NotificationManager notificationManager;
    private TunnelConfig tunnelConfig;
    private VpnTunnelStore tunnelStore;
    private VpnTunnel vpnTunnel;

    /* loaded from: classes3.dex */
    public enum ErrorCode {
        NO_ERROR(0),
        UNEXPECTED(1),
        VPN_PERMISSION_NOT_GRANTED(2),
        INVALID_SERVER_CREDENTIALS(3),
        UDP_RELAY_NOT_ENABLED(4),
        SERVER_UNREACHABLE(5),
        VPN_START_FAILURE(6),
        ILLEGAL_SERVER_CONFIGURATION(7),
        SHADOWSOCKS_START_FAILURE(8),
        CONFIGURE_SYSTEM_PROXY_FAILURE(9),
        NO_ADMIN_PERMISSIONS(10),
        UNSUPPORTED_ROUTING_TABLE(11),
        SYSTEM_MISCONFIGURED(12);

        public final int value;

        ErrorCode(int i) {
            this.value = i;
        }
    }

    /* loaded from: classes3.dex */
    public class LocalBinder extends Binder {
        public LocalBinder() {
        }

        public VpnTunnelService getService() {
            return VpnTunnelService.this;
        }
    }

    /* loaded from: classes3.dex */
    public enum MessageData {
        TUNNEL_ID("tunnelId"),
        TUNNEL_CONFIG("tunnelConfig"),
        ACTION("action"),
        PAYLOAD("payload"),
        ERROR_REPORTING_API_KEY("errorReportingApiKey");

        public final String value;

        MessageData(String str) {
            this.value = str;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public class NetworkConnectivityMonitor extends ConnectivityManager.NetworkCallback {
        private ConnectivityManager connectivityManager;

        public NetworkConnectivityMonitor() {
            this.connectivityManager = (ConnectivityManager) VpnTunnelService.this.getSystemService("connectivity");
        }

        @Override // android.net.ConnectivityManager.NetworkCallback
        public void onAvailable(Network network) {
            NetworkInfo networkInfo = this.connectivityManager.getNetworkInfo(network);
            VpnTunnelService.LOG.info(String.format(Locale.ROOT, "Network available: %s", networkInfo));
            if (networkInfo == null || networkInfo.getState() != NetworkInfo.State.CONNECTED) {
                return;
            }
            VpnTunnelService.this.broadcastVpnConnectivityChange(TunnelStatus.CONNECTED);
            VpnTunnelService.this.updateNotification(TunnelStatus.CONNECTED);
            VpnTunnelService.this.setUnderlyingNetworks(new Network[]{network});
            boolean updateUDPSupport = VpnTunnelService.this.vpnTunnel.updateUDPSupport();
            VpnTunnelService.LOG.info(String.format("UDP support: %s -> %s", Boolean.valueOf(VpnTunnelService.this.tunnelStore.isUdpSupported()), Boolean.valueOf(updateUDPSupport)));
            VpnTunnelService.this.tunnelStore.setIsUdpSupported(updateUDPSupport);
        }

        @Override // android.net.ConnectivityManager.NetworkCallback
        public void onLost(Network network) {
            VpnTunnelService.LOG.fine(String.format(Locale.ROOT, "Network lost: %s", this.connectivityManager.getNetworkInfo(network)));
            NetworkInfo activeNetworkInfo = this.connectivityManager.getActiveNetworkInfo();
            if (activeNetworkInfo == null || activeNetworkInfo.getState() != NetworkInfo.State.CONNECTED) {
                VpnTunnelService.this.broadcastVpnConnectivityChange(TunnelStatus.RECONNECTING);
                VpnTunnelService.this.updateNotification(TunnelStatus.RECONNECTING);
                VpnTunnelService.this.setUnderlyingNetworks(null);
            }
        }
    }

    /* loaded from: classes3.dex */
    public enum TunnelStatus {
        INVALID(-1),
        CONNECTED(0),
        DISCONNECTED(1),
        RECONNECTING(2);

        public final int value;

        TunnelStatus(int i) {
            this.value = i;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void broadcastVpnConnectivityChange(TunnelStatus tunnelStatus) {
        if (this.tunnelConfig == null) {
            LOG.warning("Tunnel disconnected, not sending VPN connectivity broadcast");
            return;
        }
        Intent intent = new Intent(STATUS_BROADCAST_KEY);
        intent.addCategory(getPackageName());
        intent.putExtra(MessageData.PAYLOAD.value, tunnelStatus.value);
        intent.putExtra(MessageData.TUNNEL_ID.value, this.tunnelConfig.id);
        sendBroadcast(intent);
    }

    private ErrorCode checkServerConnectivity(Client client) {
        try {
            ErrorCode errorCode = ErrorCode.values()[(int) Shadowsocks.checkConnectivity(client)];
            LOG.info(String.format(Locale.ROOT, "Go connectivity check result: %s", errorCode.name()));
            return errorCode;
        } catch (Exception e) {
            LOG.log(Level.SEVERE, "Connectivity checks failed", (Throwable) e);
            return ErrorCode.UNEXPECTED;
        }
    }

    private String createNotificationChannel(String str) {
        if (str == null) {
            str = this.defaultNotificationChannel;
        }
        String str2 = this.lastChannel;
        if (str2 == null || str2.isEmpty()) {
            if (this.notificationManager.getNotificationChannel(str) == null) {
                this.notificationManager.createNotificationChannel(new NotificationChannel(str, "Connection statistics", 0));
            }
            this.lastChannel = str;
        }
        return this.lastChannel;
    }

    private NotificationCompat.Builder getNotificationBuilder(TunnelConfig tunnelConfig) throws Exception {
        return new NotificationCompat.Builder(this, createNotificationChannel(this.defaultNotificationChannel)).setContentTitle(getApplicationName()).setShowWhen(true).setCategory(NotificationCompat.CATEGORY_SERVICE).setLocalOnly(true).setUsesChronometer(true).setOnlyAlertOnce(true).setOngoing(true).setSmallIcon(this.defaultNotificationIcon).setColor(this.defaultNotificationColor);
    }

    public static TunnelConfig makeTunnelConfig(String str, JSONObject jSONObject) throws Exception {
        if (str == null || jSONObject == null) {
            throw new IllegalArgumentException("Must provide a tunnel ID and JSON configuration");
        }
        TunnelConfig tunnelConfig = new TunnelConfig();
        tunnelConfig.id = str;
        tunnelConfig.proxy = new ShadowsocksConfig();
        tunnelConfig.proxy.host = jSONObject.getString("host");
        tunnelConfig.proxy.port = jSONObject.getInt("port");
        tunnelConfig.proxy.password = jSONObject.getString(HintConstants.AUTOFILL_HINT_PASSWORD);
        tunnelConfig.proxy.method = jSONObject.getString(Request.JsonKeys.METHOD);
        try {
            tunnelConfig.name = jSONObject.getString("name");
        } catch (JSONException unused) {
            LOG.fine("Tunnel config missing name");
        }
        String str2 = null;
        try {
            str2 = jSONObject.getString("prefix");
            LOG.fine("Activating experimental prefix support");
        } catch (JSONException unused2) {
        }
        if (str2 != null) {
            tunnelConfig.proxy.prefix = new byte[str2.length()];
            for (int i = 0; i < str2.length(); i++) {
                char charAt = str2.charAt(i);
                if ((charAt & 255) != charAt) {
                    throw new JSONException(String.format("Prefix character '%c' is out of range", Character.valueOf(charAt)));
                }
                tunnelConfig.proxy.prefix[i] = (byte) charAt;
            }
        }
        return tunnelConfig;
    }

    private void startForegroundWithNotification(TunnelConfig tunnelConfig) {
        try {
            if (this.notificationBuilder == null) {
                this.notificationBuilder = getNotificationBuilder(tunnelConfig);
            }
            this.notificationBuilder.setContentText("Connected");
            startForeground(1, this.notificationBuilder.build());
        } catch (Exception e) {
            LOG.log(Level.SEVERE, "Unable to display persistent notification", (Throwable) e);
        }
    }

    private void startLastSuccessfulTunnel() {
        Logger logger = LOG;
        logger.info("Received an auto-connect request, loading last successful tunnel.");
        JSONObject load = this.tunnelStore.load();
        if (load == null) {
            logger.info("Last successful tunnel not found. User not connected at shutdown/install.");
            return;
        }
        if (prepare(this) != null) {
            logger.warning("VPN not prepared, aborting auto-connect.");
            return;
        }
        try {
            TunnelConfig makeTunnelConfig = makeTunnelConfig(load.getString("id"), load.getJSONObject(TUNNEL_CONFIG_KEY));
            startForegroundWithNotification(makeTunnelConfig);
            startTunnel(makeTunnelConfig, true);
        } catch (Exception e) {
            LOG.log(Level.SEVERE, "Failed to retrieve JSON tunnel data", (Throwable) e);
        }
    }

    private void startNetworkConnectivityMonitor() {
        ConnectivityManager connectivityManager = (ConnectivityManager) getSystemService("connectivity");
        NetworkRequest build = new NetworkRequest.Builder().addCapability(12).addCapability(13).build();
        if (Build.VERSION.SDK_INT < 28) {
            connectivityManager.registerNetworkCallback(build, this.networkConnectivityMonitor);
        } else {
            connectivityManager.requestNetwork(build, this.networkConnectivityMonitor);
        }
    }

    private synchronized ErrorCode startTunnel(TunnelConfig tunnelConfig, boolean z) {
        boolean z2 = true;
        LOG.info(String.format(Locale.ROOT, "Starting tunnel %s.", tunnelConfig.id));
        if (tunnelConfig.id != null && tunnelConfig.proxy != null) {
            boolean z3 = this.tunnelConfig != null;
            if (z3) {
                broadcastVpnConnectivityChange(TunnelStatus.DISCONNECTED);
                stopForeground();
                try {
                    this.vpnTunnel.disconnectTunnel();
                } catch (Exception e) {
                    LOG.log(Level.SEVERE, "Failed to disconnect tunnel", (Throwable) e);
                }
            }
            Config config = new Config();
            config.setHost(tunnelConfig.proxy.host);
            config.setPort(tunnelConfig.proxy.port);
            config.setCipherName(tunnelConfig.proxy.method);
            config.setPassword(tunnelConfig.proxy.password);
            config.setPrefix(tunnelConfig.proxy.prefix);
            try {
                Client client = new Client(config);
                ErrorCode errorCode = ErrorCode.NO_ERROR;
                if (!z) {
                    try {
                        errorCode = checkServerConnectivity(client);
                        if (errorCode != ErrorCode.NO_ERROR && errorCode != ErrorCode.UDP_RELAY_NOT_ENABLED) {
                            tearDownActiveTunnel();
                            return errorCode;
                        }
                    } catch (Exception unused) {
                        tearDownActiveTunnel();
                        return ErrorCode.SHADOWSOCKS_START_FAILURE;
                    }
                }
                this.tunnelConfig = tunnelConfig;
                if (!z3) {
                    if (!this.vpnTunnel.establishVpn(tunnelConfig.proxy.host)) {
                        LOG.severe("Failed to establish the VPN");
                        tearDownActiveTunnel();
                        return ErrorCode.VPN_START_FAILURE;
                    }
                    startNetworkConnectivityMonitor();
                }
                if (z) {
                    z2 = this.tunnelStore.isUdpSupported();
                } else if (errorCode != ErrorCode.NO_ERROR) {
                    z2 = false;
                }
                try {
                    this.vpnTunnel.connectTunnel(client, z2);
                    startForegroundWithNotification(tunnelConfig);
                    storeActiveTunnel(tunnelConfig, z2);
                    return ErrorCode.NO_ERROR;
                } catch (Exception e2) {
                    LOG.log(Level.SEVERE, "Failed to connect the tunnel", (Throwable) e2);
                    tearDownActiveTunnel();
                    return ErrorCode.VPN_START_FAILURE;
                }
            } catch (Exception e3) {
                LOG.log(Level.WARNING, "Invalid configuration", (Throwable) e3);
                tearDownActiveTunnel();
                return ErrorCode.ILLEGAL_SERVER_CONFIGURATION;
            }
        }
        return ErrorCode.ILLEGAL_SERVER_CONFIGURATION;
    }

    private void stopForeground() {
        stopForeground(true);
        this.notificationBuilder = null;
    }

    private void stopNetworkConnectivityMonitor() {
        try {
            ((ConnectivityManager) getSystemService("connectivity")).unregisterNetworkCallback(this.networkConnectivityMonitor);
        } catch (Exception unused) {
        }
    }

    private void stopVpnTunnel() {
        this.vpnTunnel.disconnectTunnel();
        this.vpnTunnel.tearDownVpn();
    }

    private void storeActiveTunnel(TunnelConfig tunnelConfig, boolean z) {
        LOG.info("Storing active tunnel.");
        JSONObject jSONObject = new JSONObject();
        try {
            JSONObject jSONObject2 = new JSONObject();
            jSONObject2.put("host", tunnelConfig.proxy.host);
            jSONObject2.put("port", tunnelConfig.proxy.port);
            jSONObject2.put(HintConstants.AUTOFILL_HINT_PASSWORD, tunnelConfig.proxy.password);
            jSONObject2.put(Request.JsonKeys.METHOD, tunnelConfig.proxy.method);
            if (tunnelConfig.proxy.prefix != null) {
                char[] cArr = new char[tunnelConfig.proxy.prefix.length];
                for (int i = 0; i < tunnelConfig.proxy.prefix.length; i++) {
                    cArr[i] = (char) (tunnelConfig.proxy.prefix[i] & 255);
                }
                jSONObject2.put("prefix", new String(cArr));
            }
            jSONObject.put("id", tunnelConfig.id).put(TUNNEL_CONFIG_KEY, jSONObject2);
            this.tunnelStore.save(jSONObject);
        } catch (JSONException e) {
            LOG.log(Level.SEVERE, "Failed to store JSON tunnel data", (Throwable) e);
        }
        this.tunnelStore.setTunnelStatus(TunnelStatus.CONNECTED);
        this.tunnelStore.setIsUdpSupported(z);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void updateNotification(TunnelStatus tunnelStatus) {
        try {
            if (this.notificationBuilder == null) {
                return;
            }
            this.notificationBuilder.setContentText(tunnelStatus == TunnelStatus.CONNECTED ? "Connected" : "Reconnecting...");
            this.notificationManager.notify(1, this.notificationBuilder.build());
        } catch (Exception e) {
            LOG.log(Level.SEVERE, "Failed to update persistent notification", (Throwable) e);
        }
    }

    public final String getApplicationName() throws PackageManager.NameNotFoundException {
        PackageManager packageManager = getApplicationContext().getPackageManager();
        return (String) packageManager.getApplicationLabel(packageManager.getApplicationInfo(getPackageName(), 0));
    }

    public int getResourceId(String str, String str2) {
        return getResources().getIdentifier(str, str2, getPackageName());
    }

    public boolean isServerReachable(String str, int i) {
        try {
            Shadowsocks.checkServerReachable(str, i);
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    public synchronized boolean isTunnelActive(String str) {
        TunnelConfig tunnelConfig = this.tunnelConfig;
        if (tunnelConfig != null && tunnelConfig.id != null) {
            return this.tunnelConfig.id.equals(str);
        }
        return false;
    }

    public VpnService.Builder newBuilder() {
        return new VpnService.Builder(this);
    }

    @Override // android.net.VpnService, android.app.Service
    public IBinder onBind(Intent intent) {
        LOG.info(String.format(Locale.ROOT, "Binding VPN service: %s", intent));
        String action = intent.getAction();
        if (action != null && action.equals("android.net.VpnService")) {
            return super.onBind(intent);
        }
        if (intent.getBooleanExtra(VpnServiceStarter.AUTOSTART_EXTRA, false)) {
            startLastSuccessfulTunnel();
        }
        return this.binder;
    }

    @Override // android.app.Service
    public void onCreate() {
        LOG.info("Creating VPN service.");
        this.vpnTunnel = new VpnTunnel(this);
        this.networkConnectivityMonitor = new NetworkConnectivityMonitor();
        this.tunnelStore = new VpnTunnelStore(this);
        this.notificationManager = (NotificationManager) ContextCompat.getSystemService(this, NotificationManager.class);
        try {
            ApplicationInfo applicationInfo = getPackageManager().getApplicationInfo(getApplicationContext().getPackageName(), 128);
            this.defaultNotificationIcon = applicationInfo.metaData.getInt("de.blinkt.openvpn.openvpn.default_notification_icon", applicationInfo.icon);
            this.defaultNotificationChannel = applicationInfo.metaData.getString("de.blinkt.openvpn.openvpn.default_notification_channel_id", Bus.DEFAULT_IDENTIFIER);
            this.defaultNotificationColor = ContextCompat.getColor(this, applicationInfo.metaData.getInt("de.blinkt.openvpn.openvpn.default_notification_color"));
        } catch (PackageManager.NameNotFoundException e) {
            LOG.log(Level.FINE, "Failed to load meta-data", (Throwable) e);
        } catch (Resources.NotFoundException e2) {
            LOG.log(Level.FINE, "Failed to load notification color", (Throwable) e2);
        }
    }

    @Override // android.app.Service
    public void onDestroy() {
        LOG.info("Destroying VPN service.");
        tearDownActiveTunnel();
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        LOG.info("VPN revoked.");
        broadcastVpnConnectivityChange(TunnelStatus.DISCONNECTED);
        tearDownActiveTunnel();
    }

    @Override // android.app.Service
    public int onStartCommand(Intent intent, int i, int i2) {
        LOG.info(String.format(Locale.ROOT, "Starting VPN service: %s", intent));
        int onStartCommand = super.onStartCommand(intent, i, i2);
        if (intent != null) {
            boolean booleanExtra = intent.getBooleanExtra(VpnServiceStarter.AUTOSTART_EXTRA, false);
            boolean equals = "android.net.VpnService".equals(intent.getAction());
            if (booleanExtra || equals) {
                startLastSuccessfulTunnel();
            }
        }
        return onStartCommand;
    }

    public ErrorCode startTunnel(TunnelConfig tunnelConfig) {
        return startTunnel(tunnelConfig, false);
    }

    public synchronized ErrorCode stopTunnel(String str) {
        if (!isTunnelActive(str)) {
            return ErrorCode.UNEXPECTED;
        }
        tearDownActiveTunnel();
        return ErrorCode.NO_ERROR;
    }

    public void tearDownActiveTunnel() {
        stopVpnTunnel();
        stopForeground();
        this.tunnelConfig = null;
        stopNetworkConnectivityMonitor();
        this.tunnelStore.setTunnelStatus(TunnelStatus.DISCONNECTED);
    }
}
