package com.snowd.vpn.service.stunnel;

import android.content.Context;
import android.net.SSLCertificateSocketFactory;
import android.util.Log;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class TcpProxyServerThread extends Thread {
    private static final char[] KEY_PASS = {'1', '2', '3', '4', '5'};
    private static final String TAG = "TcpProxyServerThread";
    private final Context context;
    private int listenPort;
    private SSLSocketFactory sslSocketFactory;
    private TrustManager[] trustAllCerts;
    private String tunnelHost;
    private int tunnelPort;
    private ServerSocket ss = null;
    private int sessionId = 0;

    public TcpProxyServerThread(Context context, int i, String str, int i2) {
        this.context = context;
        this.listenPort = i;
        this.tunnelHost = str;
        this.tunnelPort = i2;
    }

    private Socket acceptSocket() throws IOException {
        Socket socket = null;
        try {
            socket = this.ss.accept();
            this.sessionId++;
            return socket;
        } catch (SocketException e) {
            e.printStackTrace();
            return socket;
        }
    }

    private void closeSocket() {
        try {
            if (this.ss != null && !this.ss.isClosed()) {
                Log.d(TAG, "Close socket");
                this.ss.close();
            } else if (this.ss == null) {
                Log.d(TAG, "Socket is null");
            } else {
                Log.d(TAG, "Socket was already closed");
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    private boolean createServerSocket() {
        try {
            this.ss = new ServerSocket();
            this.ss.setReuseAddress(true);
            this.ss.bind(new InetSocketAddress(InetAddress.getLocalHost(), this.listenPort), 50);
            Log.d(TAG, "Socket created. " + InetAddress.getLocalHost().getHostAddress() + ":" + this.listenPort);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private TrustManager[] getTrustManagers() {
        if (this.trustAllCerts == null) {
            this.trustAllCerts = new TrustManager[]{new X509TrustManager() { // from class: com.snowd.vpn.service.stunnel.TcpProxyServerThread.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            }};
        }
        return this.trustAllCerts;
    }

    private void relay(Socket socket, Socket socket2) throws IOException {
        Relay relay = new Relay(socket.getInputStream(), socket2.getOutputStream(), "Server", this.sessionId);
        Relay relay2 = new Relay(socket2.getInputStream(), socket.getOutputStream(), "Server", this.sessionId);
        relay.start();
        relay2.start();
    }

    private void setSNIHost(SSLSocketFactory sSLSocketFactory, SSLSocket sSLSocket, String str) {
        if (sSLSocketFactory instanceof SSLCertificateSocketFactory) {
            ((SSLCertificateSocketFactory) sSLSocketFactory).setHostname(sSLSocket, str);
            return;
        }
        try {
            sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    public void close() {
        closeSocket();
        interrupt();
    }

    public final SSLSocketFactory getSocketFactory() {
        if (this.sslSocketFactory == null) {
            try {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("X509");
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                keyStore.load(this.context.getAssets().open("eakj-mobile.p12"), KEY_PASS);
                keyManagerFactory.init(keyStore, KEY_PASS);
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(keyManagerFactory == null ? null : keyManagerFactory.getKeyManagers(), getTrustManagers(), new SecureRandom());
                this.sslSocketFactory = sSLContext.getSocketFactory();
            } catch (FileNotFoundException e) {
                Log.d(TAG, this.sessionId + ": Error loading the client certificate file:" + e.toString());
            } catch (IOException e2) {
                Log.d(TAG, this.sessionId + ": Error loading the client certificate file:" + e2.toString());
            } catch (KeyManagementException e3) {
                Log.d(TAG, this.sessionId + ": No SSL algorithm support: " + e3.toString());
            } catch (KeyStoreException e4) {
                Log.d(TAG, this.sessionId + ": Error setting up keystore:" + e4.toString());
            } catch (NoSuchAlgorithmException e5) {
                Log.d(TAG, this.sessionId + ": No common SSL algorithm found: " + e5.toString());
            } catch (UnrecoverableKeyException e6) {
                Log.d(TAG, this.sessionId + ": Error loading the client certificate:" + e6.toString());
            } catch (CertificateException e7) {
                Log.d(TAG, this.sessionId + ": Error loading the client certificate:" + e7.toString());
            }
        }
        return this.sslSocketFactory;
    }

    @Override // java.lang.Thread, java.lang.Runnable
    public void run() {
        Socket acceptSocket;
        Socket createSocket;
        if (createServerSocket()) {
            while (!isInterrupted()) {
                try {
                    acceptSocket = acceptSocket();
                    SSLSocketFactory socketFactory = getSocketFactory();
                    createSocket = socketFactory.createSocket(this.tunnelHost, this.tunnelPort);
                    setSNIHost(socketFactory, (SSLSocket) createSocket, this.tunnelHost);
                    ((SSLSocket) createSocket).startHandshake();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                if (acceptSocket == null) {
                    Log.d(TAG, "Trying socket operation on a null socket, returning");
                    return;
                }
                Log.d(TAG, this.sessionId + ": Tunnelling port " + this.listenPort + " to port " + this.tunnelPort + " on host " + this.tunnelHost + " ...");
                relay(acceptSocket, createSocket);
            }
            Log.d(TAG, "Stunnel thread was interrupted. Closing sockets...");
            closeSocket();
        }
    }
}
