package org.strongswan.android.logic;

import android.annotation.TargetApi;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.net.ConnectivityManager;
import android.net.LinkAddress;
import android.net.Network;
import android.net.NetworkInfo;
import android.net.VpnService;
import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.HandlerThread;
import android.os.ParcelFileDescriptor;
import android.os.PowerManager;
import android.os.SystemClock;
import android.preference.PreferenceManager;
import android.security.KeyChain;
import android.security.KeyChainException;
import android.system.OsConstants;
import androidx.core.app.NotificationManagerCompat;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.Inet4Address;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedByInterruptException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.Callable;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import org.strongswan.android.data.Logger;
import org.strongswan.android.data.VpnProfile;
import org.strongswan.android.data.VpnProfileDataSource;
import org.strongswan.android.data.VpnType;
import org.strongswan.android.logic.VpnStateUtil;
import org.strongswan.android.logic.delegate.StrongSwanVPNDelegate;
import org.strongswan.android.logic.imc.ImcState;
import org.strongswan.android.logic.imc.RemediationInstruction;
import org.strongswan.android.utils.Constants;
import org.strongswan.android.utils.IPRange;
import org.strongswan.android.utils.IPRangeSet;
import org.strongswan.android.utils.NetworkUtils;
import org.strongswan.android.utils.SettingsWriter;

/* loaded from: classes2.dex */
public class CharonVpnService extends VpnService implements Runnable, VpnStateUtil.VpnStateListener {
    public static final long CHARON_RECONNECT_INTERVAL = 15000;
    public static final int CONNECTION_TIMEOUT = 3000;
    public static final long CONNECTION_TIME_TIMER_DELAY = 3600000;
    public static final String DISCONNECT_ACTION = "org.strongswan.surfshark.android.CharonVpnService.DISCONNECT";
    public static final String KEY_IS_RETRY = "retry";
    public static final String KILL_SWITCH_ENABLED = "kill_switch_enabled";
    public static final String LOG_FILE = "charon.log";
    public static final String NOTIFICATION_CHANNEL = "VPN_STATE_NOTIFICATION";
    public static final long RECONNECT_TIMER_DELAY = 60000;
    public static final String START_KILL_SWITCH_ACTION = "org.strongswan.surfshark.android.CharonVpnService.START_KILL_SWITCH";
    static final int STATE_AUTH_ERROR = 3;
    static final int STATE_CERTIFICATE_UNAVAILABLE = 7;
    static final int STATE_CHILD_SA_DOWN = 2;
    static final int STATE_CHILD_SA_UP = 1;
    static final int STATE_GENERIC_ERROR = 8;
    static final int STATE_LOOKUP_ERROR = 5;
    static final int STATE_PEER_AUTH_ERROR = 4;
    static final int STATE_UNREACHABLE_ERROR = 6;
    public static final String STOP_KILL_SWITCH_ACTION = "org.strongswan.surfshark.android.CharonVpnService.STOP_KILL_SWITCH";
    public static final String VPN_CONNECTED = "vpn_connected";
    public static final String VPN_CONNECTION_TIME = "vpn_connection_time";
    public static final String VPN_CONNECTION_TIME_START = "vpn_connection_time_start";
    private static final String VPN_SERVICE_ACTION = "android.net.VpnService";
    public static final int VPN_STATE_NOTIFICATION_ID = 1;
    private String mAppDir;
    private Handler mBackgroundHandler;
    private HandlerThread mBackgroundHandlerThread;
    private Future<Boolean> mCheckNetworkTask;
    private Thread mConnectionHandler;
    private volatile String mCurrentCertificateAlias;
    private VpnProfile mCurrentProfile;
    private volatile String mCurrentUserCertificateAlias;
    private VpnProfileDataSource mDataSource;
    private volatile boolean mIsDisconnecting;
    private NetworkInfo mLastNetworkInfo;
    private String mLogFile;
    private VpnProfile mNextProfile;
    private NotificationManagerCompat mNotificationManager;
    private PowerManager mPowerManager;
    private volatile boolean mProfileUpdated;
    private volatile boolean mShowNotification;
    private volatile boolean mTerminate;
    private static final String TAG = CharonVpnService.class.getSimpleName();
    private static volatile boolean mKillSwitchMode = false;
    private long mLastStart = 0;
    private boolean mIsRetry = false;
    private Timer mConnectionTimeTimer = new Timer();
    private volatile boolean mCharonInitialized = false;
    private volatile boolean mDozeMode = false;
    private BuilderAdapter mBuilderAdapter = new BuilderAdapter();
    private final Object mServiceLock = new Object();
    private SharedPreferences mSharedPrefs = PreferenceManager.getDefaultSharedPreferences(StrongSwanApplication.getContext());
    protected BroadcastReceiver onDozeModeChangedReceiver = new BroadcastReceiver() { // from class: org.strongswan.android.logic.CharonVpnService.1
        @Override // android.content.BroadcastReceiver
        @TargetApi(23)
        public void onReceive(Context context, Intent intent) {
            boolean isDeviceIdleMode = CharonVpnService.this.mPowerManager.isDeviceIdleMode();
            Logger.getInstance().i(CharonVpnService.TAG, "Device idle mode changed to " + isDeviceIdleMode);
            if (isDeviceIdleMode) {
                CharonVpnService.this.mDozeMode = true;
            } else if (CharonVpnService.this.mDozeMode) {
                VpnStateUtil.getInstance().reconnect();
                CharonVpnService.this.mDozeMode = false;
            }
        }
    };
    protected BroadcastReceiver onNetworkChangeReceiver = new BroadcastReceiver() { // from class: org.strongswan.android.logic.CharonVpnService.2
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            if (CharonVpnService.this.getVpnState() == VpnStateUtil.State.CONNECTED) {
                CharonVpnService.this.checkNetworkChanged();
            } else {
                CharonVpnService charonVpnService = CharonVpnService.this;
                charonVpnService.mLastNetworkInfo = charonVpnService.getCurrentActiveNetworkInfo();
            }
        }
    };
    protected BroadcastReceiver onScreenChangeReceiver = new BroadcastReceiver() { // from class: org.strongswan.android.logic.CharonVpnService.3
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            if (CharonVpnService.mKillSwitchMode) {
                return;
            }
            boolean equals = "android.intent.action.SCREEN_ON".equals(intent.getAction());
            Logger.getInstance().d(CharonVpnService.TAG, "Screen on changed to " + equals);
            if (equals && CharonVpnService.this.getVpnState() == VpnStateUtil.State.CONNECTED) {
                CharonVpnService.this.checkConnection();
            } else {
                if (CharonVpnService.this.mCheckNetworkTask == null || CharonVpnService.this.mCheckNetworkTask.isCancelled() || !CharonVpnService.this.mCheckNetworkTask.isDone()) {
                    return;
                }
                CharonVpnService.this.mCheckNetworkTask.cancel(true);
            }
        }
    };
    protected BroadcastReceiver onDisconnectReceiver = new BroadcastReceiver() { // from class: org.strongswan.android.logic.CharonVpnService.4
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            VpnStateUtil.getInstance().resetRetryTimer();
            VpnStateUtil.getInstance().setError(VpnStateUtil.ErrorState.NO_ERROR);
            VpnStateUtil.State vpnState = CharonVpnService.this.getVpnState();
            boolean z = false;
            if ((vpnState == VpnStateUtil.State.CONNECTED || vpnState == VpnStateUtil.State.CONNECTING) && CharonVpnService.this.mSharedPrefs.getBoolean(CharonVpnService.KILL_SWITCH_ENABLED, false) && !CharonVpnService.this.checkNetworkIsWhitelisted()) {
                z = true;
            }
            if (z) {
                boolean unused = CharonVpnService.mKillSwitchMode = true;
                CharonVpnService.this.removeNotification();
                CharonVpnService.this.addKillSwitchNotification();
            }
            CharonVpnService.this.stopCurrentConnection();
            if (z) {
                CharonVpnService.this.mBuilderAdapter.establishBlocking();
            }
        }
    };
    protected BroadcastReceiver onStopKillSwitchReceiver = new BroadcastReceiver() { // from class: org.strongswan.android.logic.CharonVpnService.5
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            VpnStateUtil.State vpnState = CharonVpnService.this.getVpnState();
            if ((vpnState == VpnStateUtil.State.DISABLED || vpnState == VpnStateUtil.State.DISCONNECTING) && CharonVpnService.mKillSwitchMode) {
                CharonVpnService.this.removeKillSwitchNotification();
                boolean unused = CharonVpnService.mKillSwitchMode = false;
                CharonVpnService.this.mBuilderAdapter.closeBlocking();
                CharonVpnService.this.stopSelf();
            }
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.strongswan.android.logic.CharonVpnService$7, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass7 {
        static final /* synthetic */ int[] $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling;

        static {
            int[] iArr = new int[VpnProfile.SelectedAppsHandling.values().length];
            $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling = iArr;
            try {
                iArr[VpnProfile.SelectedAppsHandling.SELECTED_APPS_EXCLUDE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[VpnProfile.SelectedAppsHandling.SELECTED_APPS_ONLY.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public class BuilderAdapter {
        private VpnService.Builder mBuilder;
        private BuilderCache mCache;
        private PacketDropper mDropper = new PacketDropper();
        private BuilderCache mEstablishedCache;
        private VpnProfile mProfile;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: classes2.dex */
        public class PacketDropper implements Runnable {
            private ParcelFileDescriptor mFd;
            private Thread mThread;

            private PacketDropper() {
            }

            @Override // java.lang.Runnable
            public synchronized void run() {
                try {
                    FileInputStream fileInputStream = new FileInputStream(this.mFd.getFileDescriptor());
                    ByteBuffer allocate = ByteBuffer.allocate(BuilderAdapter.this.mCache.mMtu);
                    while (true) {
                        if (Build.VERSION.SDK_INT >= 24) {
                            int read = fileInputStream.getChannel().read(allocate);
                            allocate.clear();
                            if (read < 0) {
                                break;
                            }
                        } else {
                            boolean z = true;
                            if (fileInputStream.available() > 0) {
                                int read2 = fileInputStream.read(allocate.array());
                                allocate.clear();
                                if (read2 < 0 || Thread.interrupted()) {
                                    break;
                                } else {
                                    z = false;
                                }
                            }
                            if (z) {
                                Thread.sleep(250L);
                            }
                        }
                    }
                } catch (IOException e) {
                    e.printStackTrace();
                } catch (InterruptedException | ClosedByInterruptException unused) {
                }
            }

            public void start(ParcelFileDescriptor parcelFileDescriptor) {
                this.mFd = parcelFileDescriptor;
                Thread thread = new Thread(this);
                this.mThread = thread;
                thread.start();
            }

            public void stop() {
                if (this.mFd != null) {
                    try {
                        this.mThread.interrupt();
                        this.mThread.join();
                        this.mFd.close();
                    } catch (IOException | InterruptedException e) {
                        e.printStackTrace();
                    }
                    this.mFd = null;
                }
            }
        }

        public BuilderAdapter() {
        }

        private VpnService.Builder createBuilder(String str) {
            VpnService.Builder builder = new VpnService.Builder(CharonVpnService.this);
            builder.setSession(str);
            builder.setConfigureIntent(StrongSwanVPNDelegate.getMainPendingIntent(CharonVpnService.this.getApplicationContext()));
            return builder;
        }

        private synchronized ParcelFileDescriptor establishIntern() {
            try {
                this.mCache.applyData(this.mBuilder);
                ParcelFileDescriptor establish = this.mBuilder.establish();
                if (establish != null) {
                    closeBlocking();
                }
                if (establish == null) {
                    return null;
                }
                this.mBuilder = createBuilder(this.mProfile.getName());
                this.mEstablishedCache = this.mCache;
                this.mCache = new BuilderCache(this.mProfile);
                return establish;
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        private void setDnsResolvers() {
            if (this.mProfile.getDnsResolvers() != null) {
                for (String str : this.mProfile.getDnsResolvers().split(";")) {
                    addDnsServer(str);
                }
            }
        }

        private void setIPV6() {
            if (this.mProfile.isDisableIpv6() == null || !this.mProfile.isDisableIpv6().booleanValue()) {
                return;
            }
            addAddress("fd00::1", 64);
        }

        public synchronized boolean addAddress(String str, int i) {
            try {
                this.mCache.addAddress(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addDnsServer(String str) {
            try {
                this.mBuilder.addDnsServer(str);
                this.mCache.recordAddressFamily(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addRoute(String str, int i) {
            try {
                this.mCache.addRoute(str, i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized boolean addSearchDomain(String str) {
            try {
                this.mBuilder.addSearchDomain(str);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        synchronized void closeBlocking() {
            this.mDropper.stop();
        }

        public synchronized int establish() {
            ParcelFileDescriptor establishIntern;
            establishIntern = establishIntern();
            return establishIntern != null ? establishIntern.detachFd() : -1;
        }

        /* JADX WARN: Removed duplicated region for block: B:28:0x00c5 A[Catch: all -> 0x00cf, TRY_LEAVE, TryCatch #4 {, blocks: (B:3:0x0001, B:8:0x0007, B:10:0x0053, B:11:0x005a, B:13:0x0060, B:15:0x0066, B:20:0x006d, B:23:0x00a6, B:26:0x00b8, B:28:0x00c5, B:34:0x00c0, B:35:0x0071, B:37:0x007b, B:38:0x007f, B:40:0x0085, B:42:0x008b, B:47:0x0091, B:52:0x0098, B:56:0x009c, B:59:0x00a3), top: B:2:0x0001, inners: #0, #1, #2, #3 }] */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        synchronized void establishBlocking() {
            /*
                r4 = this;
                monitor-enter(r4)
                org.strongswan.android.data.VpnProfile r0 = r4.mProfile     // Catch: java.lang.Throwable -> Lcf
                if (r0 != 0) goto L7
                monitor-exit(r4)
                return
            L7:
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = "10.0.0.2"
                r2 = 32
                r0.addAddress(r1, r2)     // Catch: java.lang.Throwable -> Lcf
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = "fd00::1"
                r2 = 64
                r0.addAddress(r1, r2)     // Catch: java.lang.Throwable -> Lcf
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = "0.0.0.0"
                r2 = 0
                r0.addRoute(r1, r2)     // Catch: java.lang.Throwable -> Lcf
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = "::"
                r0.addRoute(r1, r2)     // Catch: java.lang.Throwable -> Lcf
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = "8.8.8.8"
                r0.addDnsServer(r1)     // Catch: java.lang.Throwable -> Lcf
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = "2001:4860:4860::8888"
                r0.addDnsServer(r1)     // Catch: java.lang.Throwable -> Lcf
                java.util.HashSet r0 = new java.util.HashSet     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.logic.CharonVpnService$BuilderCache r1 = r4.mCache     // Catch: java.lang.Throwable -> Lcf
                java.util.HashSet r1 = org.strongswan.android.logic.CharonVpnService.BuilderCache.access$1900(r1)     // Catch: java.lang.Throwable -> Lcf
                r0.<init>(r1)     // Catch: java.lang.Throwable -> Lcf
                android.content.Context r1 = org.strongswan.android.logic.StrongSwanApplication.getContext()     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = r1.getPackageName()     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.logic.CharonVpnService$BuilderCache r2 = r4.mCache     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.data.VpnProfile$SelectedAppsHandling r2 = org.strongswan.android.logic.CharonVpnService.BuilderCache.access$2000(r2)     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.data.VpnProfile$SelectedAppsHandling r3 = org.strongswan.android.data.VpnProfile.SelectedAppsHandling.SELECTED_APPS_EXCLUDE     // Catch: java.lang.Throwable -> Lcf
                if (r2 != r3) goto L71
                r0.add(r1)     // Catch: java.lang.Throwable -> Lcf
                java.util.Iterator r0 = r0.iterator()     // Catch: java.lang.Throwable -> Lcf
            L5a:
                boolean r1 = r0.hasNext()     // Catch: java.lang.Throwable -> Lcf
                if (r1 == 0) goto La6
                java.lang.Object r1 = r0.next()     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r1 = (java.lang.String) r1     // Catch: java.lang.Throwable -> Lcf
                android.net.VpnService$Builder r2 = r4.mBuilder     // Catch: android.content.pm.PackageManager.NameNotFoundException -> L6c java.lang.Throwable -> Lcf
                r2.addDisallowedApplication(r1)     // Catch: android.content.pm.PackageManager.NameNotFoundException -> L6c java.lang.Throwable -> Lcf
                goto L5a
            L6c:
                r1 = move-exception
                r1.printStackTrace()     // Catch: java.lang.Throwable -> Lcf
                goto L5a
            L71:
                org.strongswan.android.logic.CharonVpnService$BuilderCache r2 = r4.mCache     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.data.VpnProfile$SelectedAppsHandling r2 = org.strongswan.android.logic.CharonVpnService.BuilderCache.access$2000(r2)     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.data.VpnProfile$SelectedAppsHandling r3 = org.strongswan.android.data.VpnProfile.SelectedAppsHandling.SELECTED_APPS_ONLY     // Catch: java.lang.Throwable -> Lcf
                if (r2 != r3) goto L9c
                java.util.Iterator r0 = r0.iterator()     // Catch: java.lang.Throwable -> Lcf
            L7f:
                boolean r2 = r0.hasNext()     // Catch: java.lang.Throwable -> Lcf
                if (r2 == 0) goto La6
                java.lang.Object r2 = r0.next()     // Catch: java.lang.Throwable -> Lcf
                java.lang.String r2 = (java.lang.String) r2     // Catch: java.lang.Throwable -> Lcf
                boolean r3 = r2.equals(r1)     // Catch: android.content.pm.PackageManager.NameNotFoundException -> L97 java.lang.Throwable -> Lcf
                if (r3 != 0) goto L7f
                android.net.VpnService$Builder r3 = r4.mBuilder     // Catch: android.content.pm.PackageManager.NameNotFoundException -> L97 java.lang.Throwable -> Lcf
                r3.addAllowedApplication(r2)     // Catch: android.content.pm.PackageManager.NameNotFoundException -> L97 java.lang.Throwable -> Lcf
                goto L7f
            L97:
                r2 = move-exception
                r2.printStackTrace()     // Catch: java.lang.Throwable -> Lcf
                goto L7f
            L9c:
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: android.content.pm.PackageManager.NameNotFoundException -> La2 java.lang.Throwable -> Lcf
                r0.addDisallowedApplication(r1)     // Catch: android.content.pm.PackageManager.NameNotFoundException -> La2 java.lang.Throwable -> Lcf
                goto La6
            La2:
                r0 = move-exception
                r0.printStackTrace()     // Catch: java.lang.Throwable -> Lcf
            La6:
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.logic.CharonVpnService$BuilderCache r1 = r4.mCache     // Catch: java.lang.Throwable -> Lcf
                int r1 = org.strongswan.android.logic.CharonVpnService.BuilderCache.access$2100(r1)     // Catch: java.lang.Throwable -> Lcf
                r0.setMtu(r1)     // Catch: java.lang.Throwable -> Lcf
                android.net.VpnService$Builder r0 = r4.mBuilder     // Catch: java.lang.Throwable -> Lcf
                r1 = 1
                r0.setBlocking(r1)     // Catch: java.lang.Throwable -> Lcf
                r0 = 0
                android.net.VpnService$Builder r1 = r4.mBuilder     // Catch: java.lang.Exception -> Lbf java.lang.Throwable -> Lcf
                android.os.ParcelFileDescriptor r0 = r1.establish()     // Catch: java.lang.Exception -> Lbf java.lang.Throwable -> Lcf
                goto Lc3
            Lbf:
                r1 = move-exception
                r1.printStackTrace()     // Catch: java.lang.Throwable -> Lcf
            Lc3:
                if (r0 == 0) goto Lcd
                r4.closeBlocking()     // Catch: java.lang.Throwable -> Lcf
                org.strongswan.android.logic.CharonVpnService$BuilderAdapter$PacketDropper r1 = r4.mDropper     // Catch: java.lang.Throwable -> Lcf
                r1.start(r0)     // Catch: java.lang.Throwable -> Lcf
            Lcd:
                monitor-exit(r4)
                return
            Lcf:
                r0 = move-exception
                monitor-exit(r4)
                throw r0
            */
            throw new UnsupportedOperationException("Method not decompiled: org.strongswan.android.logic.CharonVpnService.BuilderAdapter.establishBlocking():void");
        }

        public synchronized int establishNoDns() {
            if (this.mEstablishedCache == null) {
                return -1;
            }
            try {
                VpnService.Builder createBuilder = createBuilder(this.mProfile.getName());
                this.mEstablishedCache.applyData(createBuilder);
                ParcelFileDescriptor establish = createBuilder.establish();
                if (establish == null) {
                    return -1;
                }
                return establish.detachFd();
            } catch (Exception e) {
                e.printStackTrace();
                return -1;
            }
        }

        public synchronized boolean setMtu(int i) {
            try {
                this.mCache.setMtu(i);
            } catch (IllegalArgumentException unused) {
                return false;
            }
            return true;
        }

        public synchronized void setProfile(VpnProfile vpnProfile) {
            this.mProfile = vpnProfile;
            this.mBuilder = createBuilder(vpnProfile.getName());
            this.mCache = new BuilderCache(this.mProfile);
            setDnsResolvers();
            setIPV6();
        }
    }

    /* loaded from: classes2.dex */
    public class BuilderCache {
        private final VpnProfile.SelectedAppsHandling mAppHandling;
        private final IPRangeSet mExcludedSubnets;
        private boolean mIPv4Seen;
        private boolean mIPv6Seen;
        private int mMtu;
        private final HashSet<String> mSelectedApps;
        private final int mSplitTunneling;
        private final List<IPRange> mAddresses = new ArrayList();
        private final List<IPRange> mRoutesIPv4 = new ArrayList();
        private final List<IPRange> mRoutesIPv6 = new ArrayList();
        private final IPRangeSet mIncludedSubnetsv4 = new IPRangeSet();
        private final IPRangeSet mIncludedSubnetsv6 = new IPRangeSet();

        protected BuilderCache(VpnProfile vpnProfile) {
            Iterator<IPRange> it = IPRangeSet.fromString(vpnProfile.getIncludedSubnets()).iterator();
            while (it.hasNext()) {
                IPRange next = it.next();
                if (next.getFrom() instanceof Inet4Address) {
                    this.mIncludedSubnetsv4.add(next);
                } else if (next.getFrom() instanceof Inet6Address) {
                    this.mIncludedSubnetsv6.add(next);
                }
            }
            if (vpnProfile.isDisableIpv6().booleanValue()) {
                this.mIncludedSubnetsv6.add(IPRangeSet.fromString("::/0"));
            }
            this.mExcludedSubnets = IPRangeSet.fromString(vpnProfile.getExcludedSubnets());
            if (vpnProfile.isBypassLocalLan() != null && vpnProfile.isBypassLocalLan().booleanValue()) {
                this.mExcludedSubnets.add(IPRangeSet.fromString(NetworkUtils.getLocalNetworks(CharonVpnService.this.getApplicationContext(), false)));
            }
            this.mExcludedSubnets.add(IPRangeSet.fromString(NetworkUtils.getLocalNetworks(CharonVpnService.this.getApplicationContext(), true)));
            Integer splitTunneling = vpnProfile.getSplitTunneling();
            this.mSplitTunneling = splitTunneling != null ? splitTunneling.intValue() : 0;
            this.mAppHandling = vpnProfile.getSelectedAppsHandling();
            this.mSelectedApps = vpnProfile.getSelectedAppsSet();
            Integer mtu = vpnProfile.getMTU();
            this.mMtu = mtu == null ? Constants.MTU_MAX : mtu.intValue();
        }

        private boolean isIPv6(String str) throws UnknownHostException {
            InetAddress byName = InetAddress.getByName(str);
            if (byName instanceof Inet4Address) {
                return false;
            }
            return byName instanceof Inet6Address;
        }

        protected void addAddress(String str, int i) {
            try {
                this.mAddresses.add(new IPRange(str, i));
                recordAddressFamily(str);
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        protected void addRoute(String str, int i) {
            try {
                if (isIPv6(str)) {
                    this.mRoutesIPv6.add(new IPRange(str, i));
                } else {
                    this.mRoutesIPv4.add(new IPRange(str, i));
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        protected void applyData(VpnService.Builder builder) throws UnknownHostException {
            for (IPRange iPRange : this.mAddresses) {
                builder.addAddress(iPRange.getFrom(), iPRange.getPrefix().intValue());
            }
            if ((this.mSplitTunneling & 1) == 0) {
                if (this.mIPv4Seen) {
                    IPRangeSet iPRangeSet = new IPRangeSet();
                    if (this.mIncludedSubnetsv4.size() > 0) {
                        iPRangeSet.add(this.mIncludedSubnetsv4);
                    } else {
                        iPRangeSet.addAll(this.mRoutesIPv4);
                    }
                    iPRangeSet.remove(this.mExcludedSubnets);
                    IPRange iPRange2 = new IPRange("224.0.0.0", 3);
                    for (IPRange iPRange3 : iPRangeSet.subnets()) {
                        try {
                            if (iPRange2.contains(iPRange3)) {
                                Logger.getInstance().d(CharonVpnService.TAG, "Ignoring multicast route " + iPRange3.toString());
                            } else {
                                builder.addRoute(iPRange3.getFrom(), iPRange3.getPrefix().intValue());
                            }
                        } catch (IllegalArgumentException e) {
                            if (!iPRange3.getFrom().isMulticastAddress()) {
                                throw e;
                            }
                        }
                    }
                } else {
                    builder.allowFamily(OsConstants.AF_INET);
                }
            } else if (this.mIPv4Seen) {
                builder.addRoute("0.0.0.0", 0);
            }
            if ((this.mSplitTunneling & 2) == 0) {
                if (this.mIPv6Seen) {
                    IPRangeSet iPRangeSet2 = new IPRangeSet();
                    if (this.mIncludedSubnetsv6.size() > 0) {
                        iPRangeSet2.add(this.mIncludedSubnetsv6);
                    } else {
                        iPRangeSet2.addAll(this.mRoutesIPv6);
                    }
                    iPRangeSet2.remove(this.mExcludedSubnets);
                    for (IPRange iPRange4 : iPRangeSet2.subnets()) {
                        try {
                            builder.addRoute(iPRange4.getFrom(), iPRange4.getPrefix().intValue());
                        } catch (IllegalArgumentException e2) {
                            if (!iPRange4.getFrom().isMulticastAddress()) {
                                throw e2;
                            }
                        }
                    }
                } else {
                    builder.allowFamily(OsConstants.AF_INET6);
                }
            } else if (this.mIPv6Seen) {
                builder.addRoute("::", 0);
            }
            if (this.mSelectedApps.size() > 0) {
                int i = AnonymousClass7.$SwitchMap$org$strongswan$android$data$VpnProfile$SelectedAppsHandling[this.mAppHandling.ordinal()];
                if (i == 1) {
                    Iterator<String> it = this.mSelectedApps.iterator();
                    while (it.hasNext()) {
                        try {
                            builder.addDisallowedApplication(it.next());
                        } catch (PackageManager.NameNotFoundException unused) {
                        }
                    }
                } else if (i == 2) {
                    Iterator<String> it2 = this.mSelectedApps.iterator();
                    while (it2.hasNext()) {
                        try {
                            builder.addAllowedApplication(it2.next());
                        } catch (PackageManager.NameNotFoundException unused2) {
                        }
                    }
                }
            }
            builder.setMtu(this.mMtu);
        }

        protected void recordAddressFamily(String str) {
            try {
                if (isIPv6(str)) {
                    this.mIPv6Seen = true;
                } else {
                    this.mIPv4Seen = true;
                }
            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
        }

        public void setMtu(int i) {
            this.mMtu = i;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addKillSwitchNotification() {
        this.mNotificationManager.notify(1, StrongSwanVPNDelegate.buildKillSwitchNotification(getApplicationContext()));
    }

    private void addNotification() {
        this.mShowNotification = true;
        startForeground(1, StrongSwanVPNDelegate.buildNotification(getApplicationContext()));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void checkConnection() {
        Logger.getInstance().d(TAG, "Checking internet connection...");
        NetworkInfo activeNetworkInfo = ((ConnectivityManager) getApplicationContext().getSystemService("connectivity")).getActiveNetworkInfo();
        if ((activeNetworkInfo == null || !activeNetworkInfo.isConnectedOrConnecting()) ? false : checkNetworkReachable()) {
            Logger.getInstance().d(TAG, "Still connected");
            return;
        }
        Logger.getInstance().d(TAG, "No connection, trying to reconnect");
        if (VpnStateUtil.getInstance().getState() == VpnStateUtil.State.CONNECTED) {
            VpnStateUtil.getInstance().reconnect();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void checkNetworkChanged() {
        NetworkInfo networkInfo;
        Logger.getInstance().d(TAG, "Checking new network...");
        NetworkInfo currentActiveNetworkInfo = getCurrentActiveNetworkInfo();
        Logger logger = Logger.getInstance();
        String str = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("Old network info ");
        NetworkInfo networkInfo2 = this.mLastNetworkInfo;
        sb.append(networkInfo2 != null ? networkInfo2.toString() : "none");
        logger.d(str, sb.toString());
        Logger logger2 = Logger.getInstance();
        String str2 = TAG;
        StringBuilder sb2 = new StringBuilder();
        sb2.append("New network info ");
        sb2.append(currentActiveNetworkInfo != null ? currentActiveNetworkInfo.toString() : "none");
        logger2.d(str2, sb2.toString());
        boolean z = false;
        if ((currentActiveNetworkInfo != null || this.mLastNetworkInfo != null) && ((networkInfo = this.mLastNetworkInfo) == null || currentActiveNetworkInfo == null || networkInfo.getType() != currentActiveNetworkInfo.getType() || !Objects.equals(this.mLastNetworkInfo.getExtraInfo(), currentActiveNetworkInfo.getExtraInfo()))) {
            z = true;
        }
        this.mLastNetworkInfo = currentActiveNetworkInfo;
        if (z && VpnStateUtil.getInstance().getState() == VpnStateUtil.State.CONNECTED) {
            if (!checkNetworkIsWhitelisted()) {
                VpnStateUtil.getInstance().reconnect();
            } else {
                StrongSwanVPNDelegate.disconnectOnTrustedNetwork();
                stopCurrentConnection();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean checkNetworkIsWhitelisted() {
        return StrongSwanVPNDelegate.isNetworkWhitelisted();
    }

    private boolean checkNetworkReachable() {
        Future<Boolean> future = this.mCheckNetworkTask;
        if (future != null && !future.isCancelled() && !this.mCheckNetworkTask.isDone()) {
            this.mCheckNetworkTask.cancel(true);
        }
        Future<Boolean> submit = Executors.newSingleThreadExecutor().submit(new Callable() { // from class: org.strongswan.android.logic.-$$Lambda$CharonVpnService$e_nFOpSlLqx0tbSyGJD07A0zix0
            @Override // java.util.concurrent.Callable
            public final Object call() {
                return CharonVpnService.lambda$checkNetworkReachable$1();
            }
        });
        this.mCheckNetworkTask = submit;
        try {
            return submit.get(3000L, TimeUnit.MILLISECONDS).booleanValue();
        } catch (Exception unused) {
            return false;
        }
    }

    private void createNotificationChannel() {
        StrongSwanVPNDelegate.createNotificationChannel(getApplicationContext());
    }

    private static String getAndroidVersion() {
        String str = "Android " + Build.VERSION.RELEASE + " - " + Build.DISPLAY;
        if (Build.VERSION.SDK_INT < 23) {
            return str;
        }
        return str + "/" + Build.VERSION.SECURITY_PATCH;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public NetworkInfo getCurrentActiveNetworkInfo() {
        return ((ConnectivityManager) getApplicationContext().getSystemService("connectivity")).getActiveNetworkInfo();
    }

    private static String getDeviceString() {
        return Build.MODEL + " - " + Build.BRAND + "/" + Build.PRODUCT + "/" + Build.MANUFACTURER;
    }

    private byte[][] getTrustedCertificates() {
        ArrayList arrayList = new ArrayList();
        TrustedCertificateManager load = TrustedCertificateManager.getInstance().load();
        try {
            String str = this.mCurrentCertificateAlias;
            if (str != null) {
                X509Certificate cACertificateFromAlias = load.getCACertificateFromAlias(str);
                if (cACertificateFromAlias == null) {
                    return null;
                }
                arrayList.add(cACertificateFromAlias.getEncoded());
            } else {
                Iterator<X509Certificate> it = load.getAllCACertificates().values().iterator();
                while (it.hasNext()) {
                    arrayList.add(it.next().getEncoded());
                }
            }
            return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    private byte[][] getUserCertificate() throws KeyChainException, InterruptedException, CertificateEncodingException {
        ArrayList arrayList = new ArrayList();
        X509Certificate[] certificateChain = KeyChain.getCertificateChain(getApplicationContext(), this.mCurrentUserCertificateAlias);
        if (certificateChain == null || certificateChain.length == 0) {
            return null;
        }
        for (X509Certificate x509Certificate : certificateChain) {
            arrayList.add(x509Certificate.getEncoded());
        }
        return (byte[][]) arrayList.toArray(new byte[arrayList.size()]);
    }

    private PrivateKey getUserKey() throws KeyChainException, InterruptedException {
        return KeyChain.getPrivateKey(getApplicationContext(), this.mCurrentUserCertificateAlias);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public VpnStateUtil.State getVpnState() {
        return VpnStateUtil.getInstance().getState();
    }

    public static boolean isKillSwitchMode() {
        return mKillSwitchMode;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ Boolean lambda$checkNetworkReachable$1() throws Exception {
        Socket socket = new Socket();
        try {
            try {
                socket.connect(new InetSocketAddress(StrongSwanVPNDelegate.getAppUrl(), 80), CONNECTION_TIMEOUT);
                try {
                    socket.close();
                } catch (Exception unused) {
                }
                return true;
            } catch (Exception unused2) {
                try {
                    socket.close();
                } catch (Exception unused3) {
                }
                return false;
            }
        } catch (Throwable th) {
            try {
                socket.close();
            } catch (Exception unused4) {
            }
            throw th;
        }
    }

    private void logNetworkInfo() {
        Executors.newSingleThreadExecutor().submit(new Runnable() { // from class: org.strongswan.android.logic.-$$Lambda$CharonVpnService$kYsEq1_jvgr1La-E4M6PmdhviBA
            @Override // java.lang.Runnable
            public final void run() {
                CharonVpnService.this.lambda$logNetworkInfo$0$CharonVpnService();
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void removeKillSwitchNotification() {
        this.mNotificationManager.cancel(1);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void removeNotification() {
        this.mShowNotification = false;
        StrongSwanVPNDelegate.removeNotification();
        if (mKillSwitchMode) {
            return;
        }
        this.mNotificationManager.cancel(1);
    }

    private void setError(VpnStateUtil.ErrorState errorState) {
        synchronized (this.mServiceLock) {
            Logger.getInstance().e(TAG, "Error state " + errorState.name());
            VpnStateUtil.getInstance().setError(errorState);
        }
    }

    private void setErrorDisconnect(VpnStateUtil.ErrorState errorState) {
        synchronized (this.mServiceLock) {
            Logger.getInstance().e(TAG, "Error state " + errorState.name());
            if (!this.mIsDisconnecting) {
                VpnStateUtil.getInstance().setError(errorState);
            }
        }
    }

    private void setImcState(ImcState imcState) {
        synchronized (this.mServiceLock) {
            VpnStateUtil.getInstance().setImcState(imcState);
        }
    }

    private synchronized void setNextProfile(VpnProfile vpnProfile) {
        this.mNextProfile = vpnProfile;
        this.mProfileUpdated = true;
        notifyAll();
    }

    private void setState(VpnStateUtil.State state) {
        synchronized (this.mServiceLock) {
            Logger.getInstance().d(TAG, "State " + state.name());
            if (VpnStateUtil.getInstance().getState() != VpnStateUtil.State.CONNECTED && state == VpnStateUtil.State.CONNECTED && !this.mIsRetry) {
                this.mSharedPrefs.edit().putLong(VPN_CONNECTION_TIME_START, SystemClock.elapsedRealtime()).apply();
            }
            VpnStateUtil.getInstance().setState(state);
        }
    }

    private void startConnection(VpnProfile vpnProfile) {
        synchronized (this.mServiceLock) {
            VpnStateUtil.getInstance().startConnection(vpnProfile);
        }
    }

    private void startConnectionTimeTimer() {
        this.mLastStart = SystemClock.elapsedRealtime() / 1000;
        Timer timer = new Timer();
        this.mConnectionTimeTimer = timer;
        timer.scheduleAtFixedRate(new TimerTask() { // from class: org.strongswan.android.logic.CharonVpnService.6
            @Override // java.util.TimerTask, java.lang.Runnable
            public void run() {
                CharonVpnService.this.mSharedPrefs.edit().putLong(CharonVpnService.VPN_CONNECTION_TIME, CharonVpnService.this.mSharedPrefs.getLong(CharonVpnService.VPN_CONNECTION_TIME, 0L) + 3600).apply();
                CharonVpnService.this.mLastStart = SystemClock.elapsedRealtime() / 1000;
            }
        }, CONNECTION_TIME_TIMER_DELAY, CONNECTION_TIME_TIMER_DELAY);
    }

    private void startKillSwitch() {
        String string = this.mSharedPrefs.getString(Constants.PREF_DEFAULT_VPN_PROFILE, null);
        if (string == null || string.equals(Constants.PREF_DEFAULT_VPN_PROFILE_MRU)) {
            string = this.mSharedPrefs.getString(Constants.PREF_MRU_VPN_PROFILE, null);
        }
        VpnProfile vpnProfile = this.mDataSource.getVpnProfile(string);
        if (vpnProfile == null) {
            vpnProfile = new VpnProfile();
        }
        startForeground(1, StrongSwanVPNDelegate.buildKillSwitchNotification(getApplicationContext()));
        mKillSwitchMode = true;
        this.mBuilderAdapter.setProfile(vpnProfile);
        this.mBuilderAdapter.establishBlocking();
    }

    private void stopConnectionTimeTimer() {
        Timer timer = this.mConnectionTimeTimer;
        if (timer != null) {
            timer.cancel();
            this.mConnectionTimeTimer = null;
            this.mSharedPrefs.edit().putLong(VPN_CONNECTION_TIME, this.mSharedPrefs.getLong(VPN_CONNECTION_TIME, 0L) + ((SystemClock.elapsedRealtime() / 1000) - this.mLastStart)).apply();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void stopCurrentConnection() {
        this.mIsDisconnecting = true;
        if (this.mNextProfile == null) {
            setState(VpnStateUtil.State.DISCONNECTING);
        }
        SimpleFetcher.disable();
        if (this.mCharonInitialized) {
            deinitializeCharon();
            this.mCharonInitialized = false;
            Logger.getInstance().i(TAG, "Charon stopped");
        }
        this.mCurrentProfile = null;
        if (this.mNextProfile == null) {
            removeNotification();
            this.mSharedPrefs.edit().putBoolean(VPN_CONNECTED, false).apply();
            stopConnectionTimeTimer();
            if (!mKillSwitchMode) {
                this.mBuilderAdapter.closeBlocking();
                stopForeground(true);
                stopSelf();
            }
            setState(VpnStateUtil.State.DISABLED);
        }
    }

    public void addRemediationInstruction(String str) {
        for (RemediationInstruction remediationInstruction : RemediationInstruction.fromXml(str)) {
            synchronized (this.mServiceLock) {
                VpnStateUtil.getInstance().addRemediationInstruction(remediationInstruction);
            }
        }
    }

    public native void deinitializeCharon();

    public native boolean initializeCharon(BuilderAdapter builderAdapter, String str, String str2, boolean z);

    public native void initiate(String str);

    public /* synthetic */ void lambda$logNetworkInfo$0$CharonVpnService() {
        ConnectivityManager connectivityManager = (ConnectivityManager) getApplicationContext().getSystemService("connectivity");
        for (Network network : connectivityManager.getAllNetworks()) {
            Logger.getInstance().d(TAG, connectivityManager.getNetworkInfo(network).toString());
            for (LinkAddress linkAddress : connectivityManager.getLinkProperties(network).getLinkAddresses()) {
                if (linkAddress.getAddress() instanceof Inet4Address) {
                    Logger.getInstance().d(TAG, linkAddress.getAddress().getHostAddress());
                }
            }
        }
    }

    @Override // android.app.Service
    public void onCreate() {
        Logger.getInstance().i(TAG, "Service created");
        this.mLogFile = getFilesDir().getAbsolutePath() + File.separator + LOG_FILE;
        this.mAppDir = getFilesDir().getAbsolutePath();
        this.mPowerManager = (PowerManager) getSystemService("power");
        VpnProfileDataSource vpnProfileDataSource = new VpnProfileDataSource(this);
        this.mDataSource = vpnProfileDataSource;
        vpnProfileDataSource.open();
        Thread thread = new Thread(this);
        this.mConnectionHandler = thread;
        thread.start();
        VpnStateUtil.getInstance().registerListener(this);
        HandlerThread handlerThread = new HandlerThread("BackgroundHandlerThread");
        this.mBackgroundHandlerThread = handlerThread;
        handlerThread.start();
        this.mBackgroundHandler = new Handler(this.mBackgroundHandlerThread.getLooper());
        registerReceiver(this.onDisconnectReceiver, new IntentFilter(DISCONNECT_ACTION), null, this.mBackgroundHandler);
        registerReceiver(this.onStopKillSwitchReceiver, new IntentFilter(STOP_KILL_SWITCH_ACTION), null, this.mBackgroundHandler);
        if (Build.VERSION.SDK_INT >= 23) {
            registerReceiver(this.onDozeModeChangedReceiver, new IntentFilter("android.os.action.DEVICE_IDLE_MODE_CHANGED"), null, this.mBackgroundHandler);
        }
        IntentFilter intentFilter = new IntentFilter();
        intentFilter.addAction("android.intent.action.SCREEN_OFF");
        intentFilter.addAction("android.intent.action.SCREEN_ON");
        registerReceiver(this.onScreenChangeReceiver, intentFilter, null, this.mBackgroundHandler);
        this.mLastNetworkInfo = getCurrentActiveNetworkInfo();
        registerReceiver(this.onNetworkChangeReceiver, new IntentFilter("android.net.conn.CONNECTIVITY_CHANGE"), null, this.mBackgroundHandler);
        this.mNotificationManager = NotificationManagerCompat.from(this);
        createNotificationChannel();
    }

    @Override // android.app.Service
    public void onDestroy() {
        Logger.getInstance().i(TAG, "Service destroyed");
        this.mTerminate = true;
        setNextProfile(null);
        try {
            this.mConnectionHandler.join();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        VpnStateUtil.getInstance().unregisterListener(this);
        unregisterReceiver(this.onDisconnectReceiver);
        unregisterReceiver(this.onStopKillSwitchReceiver);
        if (Build.VERSION.SDK_INT >= 23) {
            unregisterReceiver(this.onDozeModeChangedReceiver);
        }
        unregisterReceiver(this.onNetworkChangeReceiver);
        unregisterReceiver(this.onScreenChangeReceiver);
        this.mDataSource.close();
        this.mNotificationManager.cancel(1);
        mKillSwitchMode = false;
        StrongSwanVPNDelegate.vpnServiceStopped();
    }

    @Override // android.net.VpnService
    public void onRevoke() {
        if (!mKillSwitchMode) {
            setNextProfile(null);
            return;
        }
        removeKillSwitchNotification();
        mKillSwitchMode = false;
        this.mBuilderAdapter.closeBlocking();
        stopSelf();
    }

    @Override // android.app.Service
    public int onStartCommand(Intent intent, int i, int i2) {
        Bundle extras;
        this.mIsRetry = false;
        VpnStateUtil.State vpnState = getVpnState();
        if (intent != null && START_KILL_SWITCH_ACTION.equals(intent.getAction()) && vpnState == VpnStateUtil.State.DISABLED && !mKillSwitchMode && this.mSharedPrefs.getBoolean(KILL_SWITCH_ENABLED, false) && !checkNetworkIsWhitelisted()) {
            startKillSwitch();
            return 2;
        }
        if ((vpnState == VpnStateUtil.State.DISABLED || vpnState == VpnStateUtil.State.DISCONNECTING) && mKillSwitchMode) {
            removeKillSwitchNotification();
            mKillSwitchMode = false;
            this.mBuilderAdapter.closeBlocking();
        }
        addNotification();
        VpnProfile vpnProfile = null;
        if (intent == null || VPN_SERVICE_ACTION.equals(intent.getAction())) {
            String string = this.mSharedPrefs.getString(Constants.PREF_DEFAULT_VPN_PROFILE, null);
            if (string == null || string.equals(Constants.PREF_DEFAULT_VPN_PROFILE_MRU)) {
                string = this.mSharedPrefs.getString(Constants.PREF_MRU_VPN_PROFILE, null);
            }
            vpnProfile = this.mDataSource.getVpnProfile(string);
        } else if (!DISCONNECT_ACTION.equals(intent.getAction()) && (extras = intent.getExtras()) != null && (vpnProfile = this.mDataSource.getVpnProfile(extras.getString(VpnProfileDataSource.KEY_UUID))) != null) {
            vpnProfile.setPassword(extras.getString(VpnProfileDataSource.KEY_PASSWORD));
            this.mIsRetry = extras.getBoolean(KEY_IS_RETRY, false);
            this.mSharedPrefs.edit().putString(Constants.PREF_MRU_VPN_PROFILE, vpnProfile.getUUID().toString()).apply();
        }
        if (vpnProfile == null) {
            stopSelf();
            return 2;
        }
        addNotification();
        if (!this.mIsRetry) {
            Logger.getInstance().deleteFileMaybe();
        }
        setNextProfile(vpnProfile);
        return 2;
    }

    @Override // java.lang.Runnable
    public synchronized void run() {
        while (true) {
            try {
                if (this.mProfileUpdated) {
                    this.mProfileUpdated = false;
                    stopCurrentConnection();
                    if (this.mNextProfile != null) {
                        setState(VpnStateUtil.State.CONNECTING);
                        this.mBuilderAdapter.setProfile(this.mNextProfile);
                        if (!this.mIsRetry) {
                            this.mSharedPrefs.edit().putBoolean(VPN_CONNECTED, true).apply();
                            startConnectionTimeTimer();
                        }
                        VpnProfile vpnProfile = this.mNextProfile;
                        this.mCurrentProfile = vpnProfile;
                        this.mNextProfile = null;
                        this.mCurrentCertificateAlias = vpnProfile.getCertificateAlias();
                        this.mCurrentUserCertificateAlias = this.mCurrentProfile.getUserCertificateAlias();
                        startConnection(this.mCurrentProfile);
                        this.mIsDisconnecting = false;
                        SimpleFetcher.enable();
                        this.mBuilderAdapter.setProfile(this.mCurrentProfile);
                        if (initializeCharon(this.mBuilderAdapter, this.mLogFile, this.mAppDir, this.mCurrentProfile.getVpnType().has(VpnType.VpnTypeFeature.BYOD))) {
                            Logger.getInstance().i(TAG, "Charon started");
                            this.mCharonInitialized = true;
                            if (this.mCurrentProfile.getVpnType().has(VpnType.VpnTypeFeature.USER_PASS) && this.mCurrentProfile.getPassword() == null) {
                                setError(VpnStateUtil.ErrorState.PASSWORD_MISSING);
                                return;
                            }
                            SettingsWriter settingsWriter = new SettingsWriter();
                            settingsWriter.setValue("global.language", Locale.getDefault().getLanguage());
                            settingsWriter.setValue("global.mtu", this.mCurrentProfile.getMTU());
                            settingsWriter.setValue("global.nat_keepalive", this.mCurrentProfile.getNATKeepAlive());
                            settingsWriter.setValue("global.rsa_pss", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 16) != 0));
                            settingsWriter.setValue("global.crl", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 2) == 0));
                            settingsWriter.setValue("global.ocsp", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 4) == 0));
                            settingsWriter.setValue("connection.type", this.mCurrentProfile.getVpnType().getIdentifier());
                            settingsWriter.setValue("connection.server", this.mCurrentProfile.getGateway());
                            settingsWriter.setValue("connection.port", this.mCurrentProfile.getPort());
                            settingsWriter.setValue("connection.username", this.mCurrentProfile.getUsername());
                            settingsWriter.setValue("connection.password", this.mCurrentProfile.getPassword());
                            settingsWriter.setValue("connection.local_id", this.mCurrentProfile.getLocalId());
                            settingsWriter.setValue("connection.remote_id", this.mCurrentProfile.getRemoteId());
                            settingsWriter.setValue("connection.certreq", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 1) == 0));
                            settingsWriter.setValue("connection.strict_revocation", Boolean.valueOf((this.mCurrentProfile.getFlags().intValue() & 8) != 0));
                            settingsWriter.setValue("connection.ike_proposal", this.mCurrentProfile.getIkeProposal());
                            settingsWriter.setValue("connection.esp_proposal", this.mCurrentProfile.getEspProposal());
                            initiate(settingsWriter.serialize());
                        } else {
                            Logger.getInstance().e(TAG, "Failed to start charon");
                            setErrorDisconnect(VpnStateUtil.ErrorState.GENERIC_ERROR);
                        }
                    } else if (this.mTerminate) {
                        return;
                    }
                } else {
                    wait();
                }
            } catch (InterruptedException e) {
                Logger.getInstance().e(TAG, e.getMessage());
                stopCurrentConnection();
                setState(VpnStateUtil.State.DISABLED);
            }
        }
    }

    @Override // org.strongswan.android.logic.VpnStateUtil.VpnStateListener
    public void stateChanged() {
        if (this.mShowNotification) {
            this.mNotificationManager.notify(1, StrongSwanVPNDelegate.buildNotification(getApplicationContext()));
        }
    }

    public void updateImcState(int i) {
        ImcState fromValue = ImcState.fromValue(i);
        if (fromValue != null) {
            setImcState(fromValue);
        }
    }

    public void updateStatus(int i) {
        switch (i) {
            case 1:
                setState(VpnStateUtil.State.CONNECTED);
                return;
            case 2:
                if (this.mIsDisconnecting) {
                    return;
                }
                setState(VpnStateUtil.State.CONNECTING);
                return;
            case 3:
                setErrorDisconnect(VpnStateUtil.ErrorState.AUTH_FAILED);
                return;
            case 4:
                setErrorDisconnect(VpnStateUtil.ErrorState.PEER_AUTH_FAILED);
                return;
            case 5:
                setErrorDisconnect(VpnStateUtil.ErrorState.LOOKUP_FAILED);
                return;
            case 6:
                setErrorDisconnect(VpnStateUtil.ErrorState.UNREACHABLE);
                return;
            case 7:
                setErrorDisconnect(VpnStateUtil.ErrorState.CERTIFICATE_UNAVAILABLE);
                return;
            case 8:
                setErrorDisconnect(VpnStateUtil.ErrorState.GENERIC_ERROR);
                return;
            default:
                Logger.getInstance().e(TAG, "Unknown status code received");
                return;
        }
    }
}
