package com.lookout.net;

import android.annotation.SuppressLint;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.net.ConnectivityManager;
import android.net.Network;
import android.net.VpnService;
import android.os.Build;
import android.os.IBinder;
import android.os.Parcel;
import android.os.ParcelFileDescriptor;
import android.system.OsConstants;
import com.lookout.net.IMonitorServiceController;
import com.lookout.net.Luci;
import com.lookout.net.Settings.MonitorConstants;
import com.lookout.net.Settings.VpnIpAddress;
import com.lookout.net.Settings.VpnNetworkProperties;
import com.lookout.net.VpnTunnelStateLocator;
import io.netty.handler.codec.http.HttpObjectDecoder;
import java.io.IOException;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.atomic.AtomicReference;

@SuppressLint({"NewApi"})
/* loaded from: classes2.dex */
public class MonitorService extends VpnService {

    /* renamed from: k, reason: collision with root package name */
    private static final uk0.b f16626k = uk0.c.i(MonitorService.class);

    /* renamed from: c, reason: collision with root package name */
    private Context f16628c;

    /* renamed from: d, reason: collision with root package name */
    private VpnPropertiesProvider f16629d;

    /* renamed from: e, reason: collision with root package name */
    private AlwaysOnVpnHandler f16630e;

    /* renamed from: j, reason: collision with root package name */
    private a f16635j;

    /* renamed from: b, reason: collision with root package name */
    int f16627b = -1;

    /* renamed from: f, reason: collision with root package name */
    final AtomicReference<UrlListenerServiceConnection> f16631f = new AtomicReference<>();

    /* renamed from: g, reason: collision with root package name */
    private LuciInterface f16632g = LuciInterfaceFactory.get();

    /* renamed from: h, reason: collision with root package name */
    private LinkedHashMap<InetAddress, InetAddress> f16633h = new LinkedHashMap<>();

    /* renamed from: i, reason: collision with root package name */
    private Luci.SafeBrowsingMode f16634i = Luci.SafeBrowsingMode.SAFEBROWSING_MODE_DNS_ONLY;

    /* loaded from: classes2.dex */
    static final class a extends IMonitorServiceController.Stub {

        /* renamed from: a, reason: collision with root package name */
        MonitorService f16636a;

        /* renamed from: b, reason: collision with root package name */
        LuciInterface f16637b;

        a(MonitorService monitorService, LuciInterface luciInterface) {
            this.f16636a = monitorService;
            this.f16637b = luciInterface;
        }

        @Override // com.lookout.net.IMonitorServiceController
        public final void connectUrlListener(String[] strArr, String[] strArr2, ComponentName componentName) {
            MonitorService.f16626k.info("[MonitorService] In connectUrlListener");
            LuciInterface luciInterface = this.f16637b;
            if (luciInterface != null && luciInterface.getLookoutVpnInfo().getState() == VpnTunnelStateLocator.VpnTunnelState.Connected) {
                MonitorService.f16626k.info("[MonitorService] Starting URL Listener on a thread that's already running.");
                return;
            }
            MonitorService monitorService = this.f16636a;
            if (monitorService != null) {
                UrlListenerServiceConnection urlListenerServiceConnection = new UrlListenerServiceConnection(monitorService.f16628c, NetworkErrorListenerLocator.get());
                urlListenerServiceConnection.bindService(componentName);
                monitorService.f16631f.set(urlListenerServiceConnection);
                monitorService.a(strArr, strArr2);
            }
        }

        @Override // com.lookout.net.IMonitorServiceController
        public final void disconnectAndStopMonitorService() {
            MonitorService.f16626k.info("[MonitorService] In disconnectAndStopMonitorService");
            MonitorService monitorService = this.f16636a;
            if (monitorService != null) {
                monitorService.e();
            }
        }

        @Override // com.lookout.net.IMonitorServiceController.Stub, android.os.Binder
        public final boolean onTransact(int i11, Parcel parcel, Parcel parcel2, int i12) {
            if (i11 != 16777215) {
                return super.onTransact(i11, parcel, parcel2, i12);
            }
            MonitorService monitorService = this.f16636a;
            if (monitorService == null) {
                return true;
            }
            monitorService.onRevoke();
            return true;
        }

        @Override // com.lookout.net.IMonitorServiceController
        public final void startTransparentProxyOnly(String[] strArr, String[] strArr2) {
            MonitorService.f16626k.info("[MonitorService] In startTransparentProxyOnly");
            LuciInterface luciInterface = this.f16637b;
            if (luciInterface != null && luciInterface.getLookoutVpnInfo().getState() == VpnTunnelStateLocator.VpnTunnelState.Connected) {
                MonitorService.f16626k.info("[MonitorService] Starting proxy service that's already started.");
                return;
            }
            MonitorService monitorService = this.f16636a;
            if (monitorService != null) {
                monitorService.a(strArr, strArr2);
            }
        }
    }

    private ParcelFileDescriptor d(String[] strArr, String[] strArr2) {
        VpnNetworkProperties providesIpv4Properties = this.f16629d.providesIpv4Properties();
        VpnNetworkProperties providesIpv6Properties = this.f16629d.providesIpv6Properties();
        LinkedHashMap<InetAddress, InetAddress> dnsVirtualisationTable = this.f16629d.getDnsVirtualisationTable();
        if (dnsVirtualisationTable == null || dnsVirtualisationTable.isEmpty()) {
            throw new IllegalStateException("at least one dns server is required to start the VPN");
        }
        this.f16633h.putAll(normalizeDnsMap(dnsVirtualisationTable));
        this.f16634i = this.f16629d.getSafeBrowsingMode();
        VpnService.Builder session = new VpnService.Builder(this).setSession(getString(dp.a.f22726a));
        uk0.b bVar = f16626k;
        bVar.info("[MonitorService] adding VPN network properties");
        if (providesIpv4Properties != null) {
            bVar.info("[MonitorService] Adding ipv4 settings: {}", providesIpv4Properties);
            for (VpnIpAddress vpnIpAddress : providesIpv4Properties.getVpnLinkAddresses()) {
                session.addAddress(vpnIpAddress.getIpAddress(), vpnIpAddress.getPrefixLength());
            }
            for (VpnIpAddress vpnIpAddress2 : providesIpv4Properties.getVpnRouteIpAddress()) {
                session.addRoute(vpnIpAddress2.getIpAddress(), vpnIpAddress2.getPrefixLength());
            }
        } else {
            session.allowFamily(OsConstants.AF_INET);
            bVar.info("[MonitorService] ipv4 network properties not provided! Allowing IPv4 traffic to bypass VPN");
        }
        if (providesIpv6Properties != null) {
            f16626k.info("[MonitorService] Adding ipv6 settings: {}", providesIpv6Properties);
            for (VpnIpAddress vpnIpAddress3 : providesIpv6Properties.getVpnLinkAddresses()) {
                session.addAddress(vpnIpAddress3.getIpAddress(), vpnIpAddress3.getPrefixLength());
            }
            for (VpnIpAddress vpnIpAddress4 : providesIpv6Properties.getVpnRouteIpAddress()) {
                session.addRoute(vpnIpAddress4.getIpAddress(), vpnIpAddress4.getPrefixLength());
            }
        } else if (Build.VERSION.SDK_INT == 28) {
            f16626k.info("[MonitorService] ipv6 network properties not provided!");
        } else {
            f16626k.info("[MonitorService] ipv6 network properties not provided! Allowing IPv6 traffic to bypass VPN");
            session.allowFamily(OsConstants.AF_INET6);
        }
        for (InetAddress inetAddress : h()) {
            uk0.b bVar2 = f16626k;
            bVar2.info("[MonitorService] Adding dns server: {}", inetAddress);
            session.addDnsServer(inetAddress);
            if (this.f16634i == Luci.SafeBrowsingMode.SAFEBROWSING_MODE_DNS_ONLY) {
                bVar2.info("[MonitorService] Adding route: {}", inetAddress);
                session.addRoute(inetAddress, inetAddress instanceof Inet4Address ? 32 : HttpObjectDecoder.DEFAULT_INITIAL_BUFFER_SIZE);
            }
        }
        f16626k.info("[MonitorService] adding monitored:{} and excluded:{} packages", strArr, strArr2);
        if (strArr != null) {
            for (String str : strArr) {
                try {
                    session.addAllowedApplication(str);
                } catch (PackageManager.NameNotFoundException e11) {
                    f16626k.warn("Couldn't add allowed package " + str + ", doesn't exist", (Throwable) e11);
                }
            }
        }
        if (strArr2 != null) {
            for (String str2 : strArr2) {
                try {
                    session.addDisallowedApplication(str2);
                } catch (PackageManager.NameNotFoundException e12) {
                    f16626k.warn("Couldn't add disallowed package " + str2 + ", doesn't exist", (Throwable) e12);
                }
            }
        }
        if (Build.VERSION.SDK_INT >= 29) {
            session.setMetered(false);
        }
        f16626k.info("[MonitorService] Starting TUN");
        return session.establish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void e() {
        g();
        UrlListenerServiceConnection andSet = this.f16631f.getAndSet(null);
        if (andSet != null) {
            f16626k.info("[MonitorService] Unbinding from url listener connection");
            andSet.unbindService();
        }
        stopSelf();
    }

    public static boolean filterIpv6Address(InetAddress inetAddress) {
        boolean z11 = inetAddress == null || inetAddress.getHostAddress() == null || ((inetAddress instanceof Inet6Address) && inetAddress.getHostAddress().indexOf(37) != -1);
        if (z11) {
            f16626k.info("[MonitorService] Filtered address: ".concat(String.valueOf(inetAddress == null ? "null" : inetAddress.getHostAddress())));
        }
        return z11;
    }

    private synchronized void g() {
        f16626k.info("[MonitorService] Tearing down Luci");
        try {
            this.f16632g.stopService();
        } catch (LuciException e11) {
            f16626k.error("[MonitorService] stopLuci failed ", (Throwable) e11);
        }
    }

    private List<InetAddress> h() {
        return Collections.unmodifiableList(this.f16629d.shouldVirtualiseDns() ? new ArrayList(this.f16633h.values()) : new ArrayList(this.f16633h.keySet()));
    }

    final synchronized int a(String[] strArr, String[] strArr2) {
        ParcelFileDescriptor parcelFileDescriptor;
        Network activeNetwork;
        g();
        try {
            parcelFileDescriptor = d(strArr, strArr2);
        } catch (Exception e11) {
            e = e11;
            parcelFileDescriptor = null;
        }
        try {
            ConnectivityManager connectivityManager = (ConnectivityManager) getSystemService(ConnectivityManager.class);
            if (connectivityManager != null && (activeNetwork = connectivityManager.getActiveNetwork()) != null) {
                setUnderlyingNetworks(new Network[]{activeNetwork});
            }
            if (parcelFileDescriptor == null) {
                f16626k.error("Application is not prepared");
                return 2;
            }
            Intent intent = new Intent(this, (Class<?>) ForegroundActivity.class);
            intent.addFlags(268435456);
            startActivity(intent);
            uk0.b bVar = f16626k;
            bVar.info("[MonitorService] Detaching file descriptor " + parcelFileDescriptor.getFd() + " for service.");
            this.f16627b = parcelFileDescriptor.detachFd();
            bVar.info("[MonitorService] Starting Luci Service");
            try {
                this.f16632g.startService(this.f16629d, this.f16627b, this, this.f16634i, this.f16633h, h());
                return 3;
            } catch (LuciException e12) {
                f16626k.error("{}: start service failure {}", "[MonitorService]", e12.toString());
                stopSelf();
                return 2;
            }
        } catch (Exception e13) {
            e = e13;
            f16626k.error("Error while setting up the Vpn tunnel", (Throwable) e);
            if (parcelFileDescriptor != null) {
                try {
                    parcelFileDescriptor.close();
                } catch (IOException unused) {
                    f16626k.warn("Error while closing the file descriptor", (Throwable) e);
                }
            }
            return 2;
        }
    }

    public LinkedHashMap<InetAddress, InetAddress> normalizeDnsMap(LinkedHashMap<InetAddress, InetAddress> linkedHashMap) {
        LinkedHashMap<InetAddress, InetAddress> linkedHashMap2 = new LinkedHashMap<>();
        for (Map.Entry<InetAddress, InetAddress> entry : linkedHashMap.entrySet()) {
            if ((entry.getKey() instanceof Inet4Address) || !filterIpv6Address(entry.getKey())) {
                linkedHashMap2.put(entry.getKey(), entry.getValue());
            }
        }
        return linkedHashMap2;
    }

    @Override // android.net.VpnService, android.app.Service
    public IBinder onBind(Intent intent) {
        f16626k.info("[MonitorService] onBind");
        a aVar = this.f16635j;
        Objects.requireNonNull(aVar);
        return aVar;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // android.app.Service
    public void onCreate() {
        Context applicationContext;
        VpnPropertiesProvider vpnPropertiesProvider;
        super.onCreate();
        try {
            applicationContext = getApplicationContext();
            this.f16628c = applicationContext;
            vpnPropertiesProvider = this.f16632g.getVpnPropertiesProvider();
            this.f16629d = vpnPropertiesProvider;
        } catch (IllegalStateException e11) {
            f16626k.error("{} : {}", "[MonitorService]", e11.getMessage());
        }
        if (vpnPropertiesProvider == null) {
            throw new IllegalStateException("VpnPropertiesProvider cannot be null, exiting!");
        }
        if (applicationContext instanceof AlwaysOnVpnHandler) {
            this.f16630e = (AlwaysOnVpnHandler) applicationContext;
        }
        this.f16635j = new a(this, this.f16632g);
        f16626k.info("[MonitorService] create");
    }

    @Override // android.app.Service
    public void onDestroy() {
        uk0.b bVar = f16626k;
        bVar.info("[MonitorService] In OnDestroy");
        a aVar = this.f16635j;
        if (aVar != null) {
            bVar.info("[MonitorService] on destroy of MonitorServiceControllerStubImpl");
            aVar.f16636a = null;
            aVar.f16637b = null;
            this.f16635j = null;
        }
        g();
        this.f16633h.clear();
        super.onDestroy();
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        f16626k.info("[MonitorService] Vpn permission revoked");
        this.f16632g.notifyVpnPermissionRevoked();
        super.onRevoke();
    }

    @Override // android.app.Service
    public int onStartCommand(Intent intent, int i11, int i12) {
        String str;
        uk0.b bVar = f16626k;
        bVar.info("[MonitorService] onStartCommand");
        if (this.f16629d == null) {
            bVar.error("{} : {}", "[MonitorService]", "VPN Properties not provided, killing service");
            stopSelf();
            return 2;
        }
        if (intent != null) {
            str = "start (" + intent.getAction() + ")";
        } else {
            str = "cmd is null";
        }
        bVar.info("[MonitorService]", str);
        if ((i11 & 2) != 0) {
            bVar.info("[MonitorService]", "attempting restart");
        }
        if ((i11 & 1) != 0) {
            bVar.info("[MonitorService]", "recovering from crash");
        }
        if (intent != null && MonitorConstants.PROXY_NETWORK_TRAFFIC_ACTION.equals(intent.getAction())) {
            return a(intent.getStringArrayExtra(MonitorConstants.MONITORED_PACKAGES_EXTRA), intent.getStringArrayExtra(MonitorConstants.EXCLUDED_PACKAGES_EXTRA));
        }
        bVar.info("{} System started VPN Service. Will not start VPN.", "[MonitorService]");
        AlwaysOnVpnHandler alwaysOnVpnHandler = this.f16630e;
        if (alwaysOnVpnHandler == null) {
            return 3;
        }
        alwaysOnVpnHandler.handleAlwaysOnVpnStart();
        return 3;
    }

    @Override // android.app.Service
    public boolean onUnbind(Intent intent) {
        f16626k.info("[MonitorService] In onUnbind.");
        e();
        return super.onUnbind(intent);
    }
}
