package com.adguard.android.proxy;

import android.content.Context;
import android.content.pm.PackageInfo;
import android.os.Build;
import com.adguard.android.ServiceLocator;
import com.adguard.android.commons.CustomExceptionHandler;
import com.adguard.android.commons.PackageUtils;
import com.adguard.android.commons.RootUtils;
import com.adguard.android.filtering.AppResources;
import com.adguard.android.filtering.commons.AndroidWorkaroundUtils;
import com.adguard.android.filtering.commons.NetworkUtils;
import com.adguard.android.model.ProxyConfiguration;
import com.adguard.android.service.PreferencesService;
import com.adguard.commons.concurrent.ThreadUtils;
import com.adguard.commons.io.IoUtils;
import com.adguard.commons.web.UrlUtils;
import com.adguard.filter.WorkaroundUtils;
import com.stericson.RootTools.RootTools;
import com.stericson.RootTools.exceptions.RootDeniedException;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeoutException;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.math.NumberUtils;
import org.apache.http.conn.util.InetAddressUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class ProxyConfigurationServiceImpl implements ProxyConfigurationService {
    private static final String IPTABLES_ADD_IP_EXCLUSION = " -t nat -I OUTPUT -p tcp -d {{IP}} --dport 80 -j ACCEPT\n";
    private static final String IPTABLES_ADD_IP_EXCLUSION_ANY_PORT = " -t nat -I OUTPUT -p tcp -d {{IP}} -j ACCEPT\n";
    private static final String IPTABLES_ADD_REDIRECT = " -t nat -A OUTPUT -p tcp --dport {{OUT_PORT}} -j REDIRECT --to {{PORT}}\n";
    private static final String IPTABLES_ADD_UDP_PORT_DROP = " -t nat -m owner --uid-owner {{UID}} -A OUTPUT -p udp --dport {{PORT}} -j RETURN\n";
    private static final String IPTABLES_ADD_UID_EXCLUSION = " -t nat -m owner --uid-owner {{UID}} -A OUTPUT -p tcp -j RETURN\n";
    private static final String IPTABLES_RESTORE_FILTER = " -t filter -F OUTPUT\n";
    private static final String IPTABLES_RESTORE_NAT = " -t nat -F OUTPUT\n";
    private static final Logger LOG = LoggerFactory.getLogger(ProxyConfigurationServiceImpl.class);
    private static final int ROOT_COMMAND_DEFAULT_TIMEOUT = 30000;
    private static final int ROOT_COMMAND_SLEEP_TIME = 50;
    private final Context context;
    private String iptablesPath;
    private final PreferencesService preferencesService;

    static {
        RootTools.debugMode = false;
    }

    public ProxyConfigurationServiceImpl(Context context) {
        this.context = context;
        this.preferencesService = ServiceLocator.getInstance(context).getPreferencesService();
        setupExceptionHandler();
    }

    private void addDropQuicCommands(List<String> list) {
        for (String str : AndroidWorkaroundUtils.QUIC_APPLICATIONS) {
            PackageInfo packageInfo = PackageUtils.getPackageInfo(this.context, str);
            if (packageInfo != null) {
                addDropQuicCommandsForUid(list, packageInfo);
            }
        }
    }

    private void addDropQuicCommandsForUid(List<String> list, PackageInfo packageInfo) {
        String valueOf = String.valueOf(packageInfo.applicationInfo.uid);
        list.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_ADD_UDP_PORT_DROP, "UID", valueOf, "PORT", "80"));
        list.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_ADD_UDP_PORT_DROP, "UID", valueOf, "PORT", "443"));
    }

    private String buildIptablesCommand(String str, String str2, String... strArr) {
        if (strArr == null || strArr.length % 2 != 0) {
            throw new IllegalArgumentException("iptables args are wrong: " + StringUtils.join(strArr, ", "));
        }
        String str3 = str + str2;
        for (int i = 0; i < strArr.length; i += 2) {
            str3 = str3.replace("{{" + strArr[i] + "}}", strArr[i + 1]);
        }
        return str3;
    }

    private boolean checkIpTablesCompatibility(String str) {
        RootUtils.runRootCommand("chmod 700 " + str, 30000);
        List<String> runRootCommand = RootUtils.runRootCommand(str + " --version\n" + str + " -L -t nat -n\n", 30000);
        boolean z = false;
        boolean z2 = false;
        for (String str2 : runRootCommand) {
            if (str2.contains("OUTPUT")) {
                z2 = true;
            }
            z = str2.contains("v1.4.") ? true : z;
        }
        boolean z3 = z2 && z;
        if (!z3) {
            LOG.warn("Incompatible iptables executable. Version command output: {}", StringUtils.join(runRootCommand, IOUtils.LINE_SEPARATOR_WINDOWS));
        }
        return z3;
    }

    private void copyIpTablesBinaryFromAssets() {
        InputStream inputStream;
        FileOutputStream fileOutputStream = null;
        try {
            inputStream = this.context.getAssets().open(Build.VERSION.SDK_INT > 20 ? "iptables_pie" : "iptables");
            try {
                try {
                    fileOutputStream = this.context.openFileOutput("iptables", 0);
                    IoUtils.copy(inputStream, fileOutputStream);
                    IOUtils.closeQuietly(inputStream);
                    IOUtils.closeQuietly((OutputStream) fileOutputStream);
                } catch (Throwable th) {
                    th = th;
                    IOUtils.closeQuietly(inputStream);
                    IOUtils.closeQuietly((OutputStream) fileOutputStream);
                    throw th;
                }
            } catch (Exception e) {
                e = e;
                LOG.error("Error copying iptables from assets", (Throwable) e);
                IOUtils.closeQuietly(inputStream);
                IOUtils.closeQuietly((OutputStream) fileOutputStream);
            }
        } catch (Exception e2) {
            e = e2;
            inputStream = null;
        } catch (Throwable th2) {
            th = th2;
            inputStream = null;
            IOUtils.closeQuietly(inputStream);
            IOUtils.closeQuietly((OutputStream) fileOutputStream);
            throw th;
        }
    }

    private void excludeApplication(PackageInfo packageInfo, List<String> list) {
        list.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_ADD_UID_EXCLUSION, "UID", String.valueOf(packageInfo.applicationInfo.uid)));
    }

    private void excludeIpAddress(String str, List<String> list) {
        list.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_ADD_IP_EXCLUSION, "IP", str));
    }

    private void executeShellCommands(List<String> list) {
        try {
            if (!isRootAccessGiven()) {
                throw new FileNotFoundException("executeShellCommands: No root access given to execute command " + StringUtils.join(list, IOUtils.LINE_SEPARATOR_UNIX));
            }
            if (getIpTablesPath() == null) {
                throw new IOException("iptables executable not found");
            }
            LOG.info("executeShellCommands: {}", StringUtils.join(list, IOUtils.LINE_SEPARATOR_WINDOWS));
            String[] strArr = new String[list.size()];
            list.toArray(strArr);
            LOG.info("executeShellCommands result: {}", StringUtils.join(RootUtils.runRootCommands(strArr, 50, 30000), IOUtils.LINE_SEPARATOR_WINDOWS));
        } catch (RootDeniedException e) {
            throw new IOException("Failed to redirect iptables", e);
        } catch (FileNotFoundException e2) {
            LOG.debug("IpTables FileNotFound exception", (Throwable) e2);
        } catch (IOException e3) {
            throw new IOException("Failed to redirect iptables", e3);
        } catch (InterruptedException e4) {
            throw new IOException("Failed to redirect iptables", e4);
        } catch (TimeoutException e5) {
            throw new IOException("Failed to redirect iptables", e5);
        }
    }

    private String getIpTablesPath() {
        if (this.iptablesPath == null) {
            this.iptablesPath = initIpTables();
        }
        if (this.iptablesPath == null) {
            LOG.warn("Failed to initialize iptables");
        }
        return this.iptablesPath;
    }

    private String initIpTables() {
        String absolutePath;
        if (!isRootAccessGiven()) {
            throw new FileNotFoundException("initIpTables: No root access given");
        }
        File file = new File("/system/bin/iptables");
        if (file.exists()) {
            absolutePath = file.getAbsolutePath();
            if (checkIpTablesCompatibility(absolutePath)) {
                LOG.info("Using system iptables {}", absolutePath);
                return absolutePath;
            }
        }
        copyIpTablesBinaryFromAssets();
        File fileStreamPath = this.context.getFileStreamPath("iptables");
        if (!fileStreamPath.exists()) {
            LOG.error("No iptables executable found or error copying from assets.");
            throw new FileNotFoundException("No compatible iptables executable found.");
        }
        absolutePath = fileStreamPath.getAbsolutePath();
        if (!checkIpTablesCompatibility(absolutePath)) {
            LOG.error("Incompatible iptables executable.");
            throw new FileNotFoundException("Incompatible iptables executable");
        }
        return absolutePath;
    }

    private synchronized boolean isRootAccessGiven() {
        boolean isAccessGiven;
        isAccessGiven = RootTools.isAccessGiven();
        if (!isAccessGiven && RootTools.isRootAvailable()) {
            ThreadUtils.sleepQuietly(100);
            isAccessGiven = RootTools.isAccessGiven();
        }
        return isAccessGiven;
    }

    private void restoreIpTables() {
        try {
            ArrayList arrayList = new ArrayList();
            arrayList.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_RESTORE_FILTER, new String[0]));
            arrayList.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_RESTORE_NAT, new String[0]));
            executeShellCommands(arrayList);
            LOG.info("Iptables have been restored.");
        } catch (Exception e) {
            LOG.error("Failed to clear iptables", (Throwable) e);
        }
    }

    private void setupExceptionHandler() {
        try {
            ((CustomExceptionHandler) Thread.getDefaultUncaughtExceptionHandler()).setProxyConfigurationService(this);
        } catch (ClassCastException e) {
            LOG.debug("Default handler is already in use {}", e.getMessage());
        }
    }

    @Override // com.adguard.android.proxy.ProxyConfigurationService
    public ProxyConfiguration getProxyConfiguration() {
        ProxyConfiguration proxyConfiguration = new ProxyConfiguration(UrlUtils.LOCALHOST_ADDRESS, this.preferencesService.getProxyPort(), null, null, null, this.preferencesService.isProxySetupManualMode());
        LOG.info("Got app proxy config: " + proxyConfiguration.toString());
        return proxyConfiguration;
    }

    @Override // com.adguard.android.proxy.ProxyConfigurationService
    public boolean isManualProxyConfigured() {
        if (StringUtils.equals(UrlUtils.LOCALHOST_ADDRESS, System.getProperty("http.proxyHost"))) {
            return NumberUtils.toInt(System.getProperty("http.proxyPort")) == getProxyConfiguration().getProxyPort().intValue() && NetworkUtils.isNetworkAvailable(this.context);
        }
        return false;
    }

    @Override // com.adguard.android.proxy.ProxyConfigurationService
    public void restoreProxyConfiguration() {
        LOG.info("Restoring proxy settings..");
        if (RootTools.isRootAvailable()) {
            restoreIpTables();
        }
        LOG.info("Proxy settings have been restored.");
    }

    @Override // com.adguard.android.proxy.ProxyConfigurationService
    public boolean setupTransparentProxy(int i, int i2) {
        try {
            LOG.info("Setting up transparent proxy.");
            if (!isRootAccessGiven()) {
                throw new IOException("setupTransparentProxy: Root access has not been given.");
            }
            if (getIpTablesPath() == null) {
                throw new IOException("Iptables executable not found.");
            }
            restoreIpTables();
            ArrayList arrayList = new ArrayList();
            excludeApplication(PackageUtils.getPackageInfo(this.context, this.context.getPackageName()), arrayList);
            Iterator<PackageInfo> it = PackageUtils.getInstalledPackages(this.context, AppResources.getNetExclusions()).iterator();
            while (it.hasNext()) {
                excludeApplication(it.next(), arrayList);
            }
            for (String str : WorkaroundUtils.getProxyIpExclusions()) {
                excludeIpAddress(str, arrayList);
            }
            for (String str2 : ServiceLocator.getInstance(this.context).getFilterService().getWhiteList()) {
                if (InetAddressUtils.isIPv4Address(str2)) {
                    excludeIpAddress(str2, arrayList);
                }
            }
            arrayList.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_ADD_IP_EXCLUSION_ANY_PORT, "IP", UrlUtils.LOCALHOST_ADDRESS));
            addDropQuicCommands(arrayList);
            arrayList.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_ADD_REDIRECT, "OUT_PORT", "80", "PORT", Integer.toString(i)));
            if (i2 > 0) {
                arrayList.add(buildIptablesCommand(getIpTablesPath(), IPTABLES_ADD_REDIRECT, "OUT_PORT", "443", "PORT", Integer.toString(i2)));
            }
            executeShellCommands(arrayList);
            LOG.info("Transparent proxy setup successful.");
            return true;
        } catch (Exception e) {
            LOG.error("Installing proxy configuration failed\r\n", (Throwable) e);
            return false;
        }
    }
}
