package net.ivpn.core.vpn.openvpn;

import android.content.Context;
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.Build;
import android.text.TextUtils;
import de.blinkt.openvpn.VpnProfile;
import de.blinkt.openvpn.core.CIDRIP;
import de.blinkt.openvpn.core.NativeUtils;
import de.blinkt.openvpn.core.NetworkSpace;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Collection;
import java.util.Iterator;
import java.util.Vector;
import javax.inject.Inject;
import net.ivpn.core.IVPNApplication;
import net.ivpn.core.R;
import net.ivpn.core.common.prefs.PackagesPreference;
import net.ivpn.core.common.prefs.Settings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes3.dex */
public class ServiceConfiguration {
    private static final String IPV6DEFAULT = "2000::";
    private static final int IPV6MASK = 3;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) ServiceConfiguration.class);
    private String lastTunCfg;
    private int mtu;
    private PackagesPreference packagesPreference;
    private String remoteGW;
    private Settings settings;
    private final Vector<String> dnsList = new Vector<>();
    private final NetworkSpace routes = new NetworkSpace();
    private final NetworkSpace routesV6 = new NetworkSpace();
    private String domain = null;
    private CIDRIP localIP = null;
    private String localIPv6 = null;

    @Inject
    public ServiceConfiguration(Settings settings, PackagesPreference packagesPreference) {
        this.settings = settings;
        this.packagesPreference = packagesPreference;
    }

    private void addDnsList(VpnService.Builder builder) {
        Iterator<String> it = getDnsList().iterator();
        while (it.hasNext()) {
            String next = it.next();
            try {
                builder.addDnsServer(next);
            } catch (IllegalArgumentException e) {
                LOGGER.error(String.format(getString(R.string.dns_add_error), next, e.getLocalizedMessage()));
            }
        }
    }

    private boolean addLocalIps(VpnService.Builder builder, boolean z) {
        if (this.localIP != null) {
            addLocalNetworksToRoutes(z);
            try {
                builder.addAddress(this.localIP.mIp, this.localIP.len);
            } catch (IllegalArgumentException e) {
                LOGGER.error(String.format(getString(R.string.dns_add_error), this.localIP, e.getLocalizedMessage()));
                return false;
            }
        }
        String str = this.localIPv6;
        if (str != null) {
            String[] split = str.split("/");
            try {
                builder.addAddress(split[0], Integer.parseInt(split[1]));
            } catch (IllegalArgumentException e2) {
                LOGGER.error(String.format(getString(R.string.ip_add_error), this.localIPv6, e2.getLocalizedMessage()));
                return false;
            }
        }
        return true;
    }

    private void addLocalNetworksToRoutes(boolean z) {
        String[] ifconfig = NativeUtils.getIfconfig();
        for (int i = 0; i < ifconfig.length; i += 3) {
            String str = ifconfig[i];
            String str2 = ifconfig[i + 1];
            String str3 = ifconfig[i + 2];
            if (str != null && !str.equals("lo") && !str.startsWith("tun") && !str.startsWith("rmnet")) {
                if (str2 == null || str3 == null) {
                    LOGGER.error("Local routes are broken?! (Report to author) " + TextUtils.join("|", ifconfig));
                } else {
                    CIDRIP cidrip = this.localIP;
                    if ((cidrip == null || !str2.equals(cidrip.mIp)) && z) {
                        this.routes.addIP(new CIDRIP(str2, str3), false);
                    }
                }
            }
        }
    }

    private void addMtu(VpnService.Builder builder) {
        builder.setMtu(this.mtu);
    }

    private void addNotAllowedApps(VpnService.Builder builder) {
        for (String str : this.packagesPreference.getDisallowedPackages()) {
            try {
                builder.addDisallowedApplication(str);
            } catch (PackageManager.NameNotFoundException e) {
                e.printStackTrace();
                this.packagesPreference.allowPackage(str);
            }
        }
    }

    private void fillRoutes(VpnService.Builder builder, Context context, Collection<NetworkSpace.ipAddress> collection, Collection<NetworkSpace.ipAddress> collection2) {
        NetworkSpace.ipAddress ipaddress = new NetworkSpace.ipAddress(new CIDRIP("224.0.0.0", 3), true);
        for (NetworkSpace.ipAddress ipaddress2 : collection) {
            try {
                if (ipaddress.containsNet(ipaddress2)) {
                    LOGGER.debug(String.format(getString(R.string.ignore_multicast_route), ipaddress2.toString()));
                } else {
                    builder.addRoute(ipaddress2.getIPv4Address(), ipaddress2.networkMask);
                }
            } catch (IllegalArgumentException e) {
                LOGGER.error(context.getString(R.string.route_rejected) + ipaddress2 + " " + e.getLocalizedMessage());
            }
        }
        for (NetworkSpace.ipAddress ipaddress3 : collection2) {
            try {
                builder.addRoute(ipaddress3.getIPv6Address(), ipaddress3.networkMask);
            } catch (IllegalArgumentException e2) {
                LOGGER.error(context.getString(R.string.route_rejected) + ipaddress3 + " " + e2.getLocalizedMessage());
            }
        }
        if (collection2.isEmpty()) {
            try {
                builder.addRoute("2000::", 3);
            } catch (IllegalArgumentException e3) {
                LOGGER.error(context.getString(R.string.route_rejected) + "2000:: " + e3.getLocalizedMessage());
            }
        }
    }

    private String getDNS() {
        String dns = this.settings.getDns();
        return dns != null ? dns : TextUtils.join("|", this.dnsList);
    }

    private Vector<String> getDnsList() {
        String dns = this.settings.getDns();
        if (dns == null) {
            return this.dnsList;
        }
        Vector<String> vector = new Vector<>();
        vector.add(dns);
        return vector;
    }

    private static String getString(int i) {
        return IVPNApplication.application.getString(i);
    }

    private String getTunConfigString() {
        StringBuilder sb = new StringBuilder();
        sb.append("TUNCFG UNQIUE STRING ips:");
        CIDRIP cidrip = this.localIP;
        if (cidrip != null) {
            sb.append(cidrip.toString());
        }
        String str = this.localIPv6;
        if (str != null) {
            sb.append(str);
        }
        sb.append("routes: ");
        sb.append(TextUtils.join("|", this.routes.getNetworks(true)));
        sb.append(TextUtils.join("|", this.routesV6.getNetworks(true)));
        sb.append("excl. routes:");
        sb.append(TextUtils.join("|", this.routes.getNetworks(false)));
        sb.append(TextUtils.join("|", this.routesV6.getNetworks(false)));
        sb.append("dns: ");
        sb.append(getDNS());
        sb.append("domain: ");
        sb.append(this.domain);
        sb.append("mtu: ");
        sb.append(this.mtu);
        return sb.toString();
    }

    private boolean isAndroidTunDevice(String str) {
        return str != null && (str.startsWith("tun") || "(null)".equals(str) || "vpnservice-tun".equals(str));
    }

    private void logCommonInfo(Collection<NetworkSpace.ipAddress> collection, Collection<NetworkSpace.ipAddress> collection2) {
        if (this.localIP != null) {
            LOGGER.info(String.format(getString(R.string.local_ip_info), this.localIP.mIp, Integer.valueOf(this.localIP.len), this.localIPv6, Integer.valueOf(this.mtu)));
        }
        Logger logger = LOGGER;
        logger.info(String.format(getString(R.string.dns_server_info), TextUtils.join(", ", this.dnsList), this.domain));
        if (this.routes != null && this.routesV6 != null) {
            logger.info(String.format(getString(R.string.routes_info_incl), TextUtils.join(", ", this.routes.getNetworks(true)), TextUtils.join(", ", this.routesV6.getNetworks(true))));
            logger.info(String.format(getString(R.string.routes_info_excl), TextUtils.join(", ", this.routes.getNetworks(false)), TextUtils.join(", ", this.routesV6.getNetworks(false))));
        }
        logger.debug(String.format(getString(R.string.routes_debug), TextUtils.join(", ", collection), TextUtils.join(", ", collection2)));
    }

    private void reset() {
        this.dnsList.clear();
        this.routes.clear();
        this.routesV6.clear();
        this.localIP = null;
        this.localIPv6 = null;
        this.domain = null;
    }

    private void samsungWorkAround(Collection<NetworkSpace.ipAddress> collection) {
        if (!"samsung".equals(Build.BRAND) || Build.VERSION.SDK_INT < 21 || this.dnsList.size() < 1) {
            return;
        }
        try {
            NetworkSpace.ipAddress ipaddress = new NetworkSpace.ipAddress(new CIDRIP(getDnsList().get(0), 32), true);
            Iterator<NetworkSpace.ipAddress> it = collection.iterator();
            boolean z = false;
            while (it.hasNext()) {
                if (it.next().containsNet(ipaddress)) {
                    z = true;
                }
            }
            if (z) {
                return;
            }
            LOGGER.warn(String.format("Warning Samsung Android 5.0+ devices ignore DNS servers outside the VPN range. To enable DNS resolution a route to your DNS Server (%s) has been added.", getDnsList().get(0)));
            collection.add(ipaddress);
        } catch (Exception unused) {
            LOGGER.error("Error parsing DNS Server IP: " + getDnsList().get(0));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addDNS(String str) {
        this.dnsList.add(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addRoute(CIDRIP cidrip) {
        this.routes.addIP(cidrip, true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addRoute(String str, String str2, String str3, String str4) {
        CIDRIP cidrip = new CIDRIP(str, str2);
        boolean isAndroidTunDevice = isAndroidTunDevice(str4);
        NetworkSpace.ipAddress ipaddress = new NetworkSpace.ipAddress(new CIDRIP(str3, 32), false);
        CIDRIP cidrip2 = this.localIP;
        if (cidrip2 == null) {
            LOGGER.error("Local IP address unset and received. Neither pushed server config nor local config specifies an IP addresses. Opening tun device is most likely going to fail.");
            return;
        }
        if (new NetworkSpace.ipAddress(cidrip2, true).containsNet(ipaddress)) {
            isAndroidTunDevice = true;
        }
        if (str3 != null && (str3.equals("255.255.255.255") || str3.equals(this.remoteGW))) {
            isAndroidTunDevice = true;
        }
        if (cidrip.len == 32 && !str2.equals("255.255.255.255")) {
            LOGGER.warn(String.format(getString(R.string.route_not_cidr), str, str2));
        }
        if (cidrip.normalise()) {
            LOGGER.warn(String.format(getString(R.string.route_not_netip), str, Integer.valueOf(cidrip.len), cidrip.mIp));
        }
        this.routes.addIP(cidrip, isAndroidTunDevice);
    }

    public void addRouteV6(String str, String str2) {
        String[] split = str.split("/");
        boolean isAndroidTunDevice = isAndroidTunDevice(str2);
        try {
            this.routesV6.addIPv6((Inet6Address) InetAddress.getAllByName(split[0])[0], Integer.parseInt(split[1]), isAndroidTunDevice);
        } catch (UnknownHostException e) {
            LOGGER.error(e.getLocalizedMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void fillBuilder(Context context, VpnService.Builder builder, VpnProfile vpnProfile) {
        Logger logger = LOGGER;
        logger.info(context.getString(R.string.last_openvpn_tun_config));
        if (this.localIP == null && this.localIPv6 == null) {
            logger.error(context.getString(R.string.opentun_no_ipaddr));
            return;
        }
        if (addLocalIps(builder, vpnProfile.mAllowLocalLAN)) {
            addDnsList(builder);
            addMtu(builder);
            addNotAllowedApps(builder);
            Collection<NetworkSpace.ipAddress> positiveIPList = this.routes.getPositiveIPList();
            Collection<NetworkSpace.ipAddress> positiveIPList2 = this.routesV6.getPositiveIPList();
            samsungWorkAround(positiveIPList);
            fillRoutes(builder, context, positiveIPList, positiveIPList2);
            String str = this.domain;
            if (str != null) {
                builder.addSearchDomain(str);
            }
            logCommonInfo(positiveIPList, positiveIPList2);
            if (this.dnsList.size() == 0) {
                logger.info(context.getString(R.string.warn_no_dns));
            }
            this.lastTunCfg = getTunConfigString();
            reset();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getSessionFormatted(Context context, String str) {
        CIDRIP cidrip = this.localIP;
        if (cidrip != null && this.localIPv6 != null) {
            return context.getString(R.string.session_ipv6string, str, this.localIP, this.localIPv6);
        }
        if (cidrip != null) {
            return context.getString(R.string.session_ipv4string, str, this.localIP);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getTunReopenStatus() {
        if (getTunConfigString().equals(this.lastTunCfg)) {
            return "NOACTION";
        }
        String str = Build.VERSION.RELEASE;
        return "OPEN_BEFORE_CLOSE";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isLocalBypassEnabled() {
        return this.settings.getLocalBypass();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setDomain(String str) {
        if (this.domain == null) {
            this.domain = str;
        }
    }

    void setLocalIP(CIDRIP cidrip) {
        this.localIP = cidrip;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setLocalIP(String str, String str2, int i, String str3) {
        long j;
        int i2;
        this.localIP = new CIDRIP(str, str2);
        this.mtu = i;
        this.remoteGW = null;
        long j2 = CIDRIP.getInt(str2);
        if (this.localIP.len == 32 && !str2.equals("255.255.255.255")) {
            if ("net30".equals(str3)) {
                j = -4;
                i2 = 30;
            } else {
                j = -2;
                i2 = 31;
            }
            if ((j2 & j) == (this.localIP.getInt() & j)) {
                this.localIP.len = i2;
            } else {
                this.localIP.len = 32;
                if (!"p2p".equals(str3)) {
                    LOGGER.warn(String.format(String.format(getString(R.string.ip_not_cidr), str, str2, str3), new Object[0]));
                }
            }
        }
        if (("p2p".equals(str3) && this.localIP.len < 32) || ("net30".equals(str3) && this.localIP.len < 30)) {
            LOGGER.warn(String.format(getString(R.string.ip_looks_like_subnet), str, str2, str3));
        }
        if (this.localIP.len <= 31 && Build.VERSION.SDK_INT >= 21) {
            CIDRIP cidrip = new CIDRIP(this.localIP.mIp, this.localIP.len);
            cidrip.normalise();
            addRoute(cidrip);
        }
        this.remoteGW = str2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setLocalIPv6(String str) {
        this.localIPv6 = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setMtu(int i) {
        this.mtu = i;
    }
}
