package com.logonbox.vpn.drivers.linux;

import com.logonbox.vpn.drivers.lib.AbstractUnixDesktopPlatformService;
import com.logonbox.vpn.drivers.lib.NativeComponents;
import com.logonbox.vpn.drivers.lib.StartRequest;
import com.logonbox.vpn.drivers.lib.SystemContext;
import com.logonbox.vpn.drivers.lib.VpnAdapter;
import com.logonbox.vpn.drivers.lib.VpnConfiguration;
import com.logonbox.vpn.drivers.lib.util.OsUtil;
import com.sshtools.liftlib.ElevatedClosure;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.io.Serializable;
import java.io.UncheckedIOException;
import java.net.InterfaceAddress;
import java.net.NetworkInterface;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/logonbox/vpn/drivers/linux/AbstractLinuxPlatformService.class */
public abstract class AbstractLinuxPlatformService extends AbstractUnixDesktopPlatformService<AbstractLinuxAddress> {
    private static final String INTERFACE_PREFIX = "wg";
    private static final Logger LOG = LoggerFactory.getLogger(AbstractLinuxPlatformService.class);
    static Object lock = new Object();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/logonbox/vpn/drivers/linux/AbstractLinuxPlatformService$IpAddressState.class */
    public enum IpAddressState {
        HEADER,
        IP,
        MAC
    }

    /* loaded from: input_file:com/logonbox/vpn/drivers/linux/AbstractLinuxPlatformService$SetIpForwarding.class */
    public static final class SetIpForwarding implements ElevatedClosure<Serializable, Serializable> {
        private String path;
        private boolean enable;

        public SetIpForwarding() {
        }

        SetIpForwarding(String str, boolean z) {
            this.path = str;
            this.enable = z;
        }

        public Serializable call(ElevatedClosure<Serializable, Serializable> elevatedClosure) throws Exception {
            try {
                BufferedWriter newBufferedWriter = Files.newBufferedWriter(Paths.get(this.path, new String[0]), new OpenOption[0]);
                try {
                    newBufferedWriter.write(this.enable ? "1" : "0");
                    if (newBufferedWriter != null) {
                        newBufferedWriter.close();
                    }
                    return null;
                } finally {
                }
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            }
        }
    }

    public AbstractLinuxPlatformService(SystemContext systemContext) {
        super(INTERFACE_PREFIX, systemContext);
    }

    public final List<AbstractLinuxAddress> addresses() {
        String mac;
        ArrayList arrayList = new ArrayList();
        AbstractLinuxAddress abstractLinuxAddress = null;
        try {
            IpAddressState ipAddressState = IpAddressState.HEADER;
            for (String str : context().commands().output(new String[]{"ip", "address"})) {
                if (!str.startsWith(" ")) {
                    String trim = str.split(":")[1].trim();
                    AbstractLinuxAddress createAddress = createAddress(nativeNameToInterfaceName(trim).orElse(trim), trim);
                    abstractLinuxAddress = createAddress;
                    arrayList.add(createAddress);
                    ipAddressState = IpAddressState.MAC;
                } else if (abstractLinuxAddress != null) {
                    String trim2 = str.trim();
                    if (ipAddressState == IpAddressState.MAC) {
                        String[] split = trim2.split("\\s+");
                        if (split.length > 1 && (mac = abstractLinuxAddress.getMac()) != null && !mac.equals(split[1])) {
                            throw new IllegalStateException("Unexpected MAC.");
                        }
                        ipAddressState = IpAddressState.IP;
                    } else if (ipAddressState == IpAddressState.IP && trim2.startsWith("inet ")) {
                        String[] split2 = trim2.split("\\s+");
                        if (split2.length > 1) {
                            abstractLinuxAddress.getAddresses().add(split2[1]);
                        }
                        ipAddressState = IpAddressState.HEADER;
                    }
                } else {
                    continue;
                }
            }
        } catch (IOException e) {
            if (!Boolean.getBoolean("hypersocket.development")) {
                throw new IllegalStateException("Failed to get network devices.", e);
            }
        }
        return arrayList;
    }

    public boolean isIpForwardingEnabledOnSystem() {
        Path path = Paths.get("/proc/sys/net/ipv4/ip_forward", new String[0]);
        Path path2 = Paths.get("/proc/sys/net/ipv6/conf/all/forwarding", new String[0]);
        return ((Files.exists(path, new LinkOption[0]) && isEnabled(path)) || !Files.exists(path, new LinkOption[0])) && ((Files.exists(path, new LinkOption[0]) && isEnabled(path2)) || !Files.exists(path2, new LinkOption[0]));
    }

    public boolean isValidNativeInterfaceName(String str) {
        return (str.length() >= 16 || str.matches(".*\\s+.*") || str.contains(" ") || str.contains("/")) ? false : true;
    }

    public final void runHook(VpnConfiguration vpnConfiguration, VpnAdapter vpnAdapter, String... strArr) throws IOException {
        runHookViaPipeToShell(vpnConfiguration, vpnAdapter, new String[]{OsUtil.getPathOfCommandInPathOrFail("bash").toString(), "-c", String.join(" ; ", strArr).trim()});
    }

    public void setNat(VpnAdapter vpnAdapter, boolean z) throws IOException {
        if (isNat(vpnAdapter) != z) {
            if (z) {
                LOG.info("Turning on NAT masquerade for {}", vpnAdapter.address().nativeName());
                this.context.commands().privileged().run(new String[]{"iptables", "-t", "nat", "-A", "POSTROUTING", "-o", vpnAdapter.address().nativeName(), "-j", "MASQUERADE"});
            } else {
                LOG.info("Turning off NAT masquerade for {}", vpnAdapter.address().nativeName());
                this.context.commands().privileged().run(new String[]{"iptables", "-t", "nat", "-D", "POSTROUTING", "-o", vpnAdapter.address().nativeName(), "-j", "MASQUERADE"});
            }
        }
    }

    public Optional<String> nativeNameToInterfaceName(String str) {
        return Optional.empty();
    }

    public Optional<String> interfaceNameToNativeName(String str) {
        return Optional.empty();
    }

    public boolean isNat(VpnAdapter vpnAdapter) throws IOException {
        return getNatInterfaces().contains(vpnAdapter.address().nativeName());
    }

    public void setIpForwardingEnabledOnSystem(boolean z) {
        Path path = Paths.get("/proc/sys/net/ipv4/ip_forward", new String[0]);
        Path path2 = Paths.get("/proc/sys/net/ipv6/conf/all/forwarding", new String[0]);
        boolean exists = Files.exists(path, new LinkOption[0]);
        boolean exists2 = Files.exists(path2, new LinkOption[0]);
        if (!exists && !exists2) {
            super.setIpForwardingEnabledOnSystem(z);
            return;
        }
        if (exists) {
            try {
                this.context.commands().privileged().task(new SetIpForwarding(path.toString(), z));
            } catch (Exception e) {
                throw new IllegalStateException("Failed to change IP forwarding.", e);
            }
        }
        if (exists2) {
            this.context.commands().privileged().task(new SetIpForwarding(path2.toString(), z));
        }
    }

    protected abstract AbstractLinuxAddress createAddress(String str, String str2);

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: createVirtualInetAddress, reason: merged with bridge method [inline-methods] */
    public final AbstractLinuxAddress m2createVirtualInetAddress(NetworkInterface networkInterface) throws IOException {
        AbstractLinuxAddress createAddress = createAddress(nativeNameToInterfaceName(networkInterface.getName()).orElse(networkInterface.getName()), networkInterface.getName());
        Iterator<InterfaceAddress> it = networkInterface.getInterfaceAddresses().iterator();
        while (it.hasNext()) {
            createAddress.getAddresses().add(it.next().getAddress().toString());
        }
        return createAddress;
    }

    protected final String getDefaultGateway() throws IOException {
        String str = null;
        for (String str2 : context().commands().privileged().output(new String[]{"ip", "route"})) {
            if (str == null && str2.startsWith("default via")) {
                String[] split = str2.split("\\s+");
                if (split.length > 2) {
                    str = split[2];
                }
            }
        }
        if (str == null) {
            throw new IOException("Could not get default gateway.");
        }
        return str;
    }

    protected final void onStart(StartRequest startRequest, VpnAdapter vpnAdapter) throws IOException {
        VpnConfiguration configuration = startRequest.configuration();
        Optional peer = startRequest.peer();
        AbstractLinuxAddress findAddress = findAddress(startRequest);
        if (configuration.addresses().size() > 0) {
            findAddress.setAddresses((String) configuration.addresses().get(0));
        }
        Path createTempFile = Files.createTempFile(INTERFACE_PREFIX, ".cfg", new FileAttribute[0]);
        try {
            BufferedWriter newBufferedWriter = Files.newBufferedWriter(createTempFile, new OpenOption[0]);
            try {
                transform(configuration).write(newBufferedWriter);
                if (newBufferedWriter != null) {
                    newBufferedWriter.close();
                }
                LOG.info("Activating Wireguard configuration for {} (in {})", findAddress.shortName(), createTempFile);
                context().commands().privileged().logged().result(new String[]{context().nativeComponents().tool(NativeComponents.Tool.WG), "setconf", findAddress.name(), createTempFile.toString()});
                LOG.info("Activated Wireguard configuration for {}", findAddress.shortName());
                Files.delete(createTempFile);
                Instant ofEpochMilli = Instant.ofEpochMilli(((System.currentTimeMillis() / 1000) - 1) * 1000);
                findAddress.mtu(((Integer) configuration.mtu().or(() -> {
                    return this.context.configuration().defaultMTU();
                }).orElse(0)).intValue());
                LOG.info("Bringing up {}", findAddress.shortName());
                findAddress.up();
                vpnAdapter.attachToInterface(findAddress);
                if (peer.isPresent() && this.context.configuration().connectTimeout().isPresent()) {
                    waitForFirstHandshake(configuration, vpnAdapter, ofEpochMilli, peer, (Duration) this.context.configuration().connectTimeout().get());
                }
                try {
                    dns(configuration, findAddress);
                    try {
                        LOG.info("Setting routes for {}", findAddress.shortName());
                        addRoutes(vpnAdapter);
                    } catch (IOException | RuntimeException e) {
                        try {
                            vpnAdapter.close();
                        } catch (Exception e2) {
                        }
                        throw e;
                    }
                } catch (IOException | RuntimeException e3) {
                    try {
                        vpnAdapter.close();
                    } catch (Exception e4) {
                    }
                    throw e3;
                }
            } finally {
            }
        } catch (Throwable th) {
            Files.delete(createTempFile);
            throw th;
        }
    }

    protected final void runCommand(List<String> list) throws IOException {
        context().commands().privileged().logged().run((String[]) list.toArray(new String[0]));
    }

    String resolvconfIfacePrefix() {
        Matcher matcher;
        File file = new File("/etc/resolvconf/interface-order");
        if (!file.exists()) {
            return "";
        }
        try {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
            try {
                Pattern compile = Pattern.compile("^([A-Za-z0-9-]+)\\*$");
                do {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        bufferedReader.close();
                        return "";
                    }
                    matcher = compile.matcher(readLine);
                } while (!matcher.matches());
                String group = matcher.group(1);
                bufferedReader.close();
                return group;
            } finally {
            }
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        }
    }

    private boolean isEnabled(Path path) {
        try {
            BufferedReader newBufferedReader = Files.newBufferedReader(path);
            try {
                boolean equals = newBufferedReader.readLine().equals("1");
                if (newBufferedReader != null) {
                    newBufferedReader.close();
                }
                return equals;
            } finally {
            }
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        }
    }

    private List<String> getNatInterfaces() throws IOException {
        ArrayList arrayList = new ArrayList();
        Iterator it = this.context.commands().privileged().output(new String[]{"iptables", "-t", "nat", "-L", "POSTROUTING", "-v"}).iterator();
        while (it.hasNext()) {
            String[] split = ((String) it.next()).split("\\s+");
            if (split.length > 6 && split[2].equals("MASQUERADE")) {
                arrayList.add(split[6]);
            }
        }
        Collections.sort(arrayList);
        return arrayList;
    }
}
