package org.torproject.android.service.transproxy;

import android.content.Context;
import android.content.SharedPreferences;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.StringTokenizer;
import org.sufficientlysecure.rootcommands.Shell;
import org.sufficientlysecure.rootcommands.command.SimpleCommand;
import org.torproject.android.service.OrbotConstants;
import org.torproject.android.service.TorService;
import org.torproject.android.service.TorServiceConstants;
import org.torproject.android.service.util.Prefs;

/* loaded from: classes.dex */
public class TorTransProxy implements TorServiceConstants {
    private static final String ALLOW_LOCAL = " ! -d 127.0.0.1";
    private File mFileXtables;
    private TorService mTorService;
    private String mSysIptables = null;
    private int mTransProxyPort = TorServiceConstants.TOR_TRANSPROXY_PORT_DEFAULT;
    private int mDNSPort = TorServiceConstants.TOR_DNS_PORT_DEFAULT;
    private Shell mShell = Shell.startRootShell();

    public TorTransProxy(TorService torService, File file) throws IOException {
        this.mTorService = null;
        this.mFileXtables = null;
        this.mTorService = torService;
        this.mFileXtables = file;
    }

    private int executeCommand(String str) throws Exception {
        SimpleCommand simpleCommand = new SimpleCommand(str);
        this.mShell.add(simpleCommand).waitForFinish();
        logMessage("Command Exec: " + str);
        logMessage("Output: " + simpleCommand.getOutput());
        logMessage("Exit code: " + simpleCommand.getExitCode());
        return 0;
    }

    private String findSystemIP6Tables() {
        File file = new File("/system/xbin/ip6tables");
        if (file.exists()) {
            this.mSysIptables = file.getAbsolutePath();
        } else {
            File file2 = new File("/system/bin/ip6tables");
            if (file2.exists()) {
                this.mSysIptables = file2.getAbsolutePath();
            }
        }
        return this.mSysIptables;
    }

    private String findSystemIPTables() {
        if (this.mSysIptables != null) {
            return this.mSysIptables;
        }
        File file = new File("/system/xbin/iptables");
        if (file.exists()) {
            this.mSysIptables = file.getAbsolutePath();
        } else {
            File file2 = new File("/system/bin/iptables");
            if (file2.exists()) {
                this.mSysIptables = file2.getAbsolutePath();
            }
        }
        return this.mSysIptables;
    }

    public static ArrayList<TorifiedApp> getApps(Context context, SharedPreferences sharedPreferences) {
        StringTokenizer stringTokenizer = new StringTokenizer(sharedPreferences.getString(OrbotConstants.PREFS_KEY_TORIFIED, ""), "|");
        String[] strArr = new String[stringTokenizer.countTokens()];
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            strArr[i] = stringTokenizer.nextToken();
            i++;
        }
        Arrays.sort(strArr);
        PackageManager packageManager = context.getPackageManager();
        ArrayList<TorifiedApp> arrayList = new ArrayList<>();
        int i2 = 0;
        for (ApplicationInfo applicationInfo : packageManager.getInstalledApplications(0)) {
            TorifiedApp torifiedApp = new TorifiedApp();
            try {
                PackageInfo packageInfo = packageManager.getPackageInfo(applicationInfo.packageName, 4096);
                if (packageInfo != null && packageInfo.requestedPermissions != null) {
                    for (String str : packageInfo.requestedPermissions) {
                        if (str.equals("android.permission.INTERNET")) {
                            torifiedApp.setUsesInternet(true);
                        }
                    }
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
            if ((applicationInfo.flags & 1) == 1) {
                torifiedApp.setUsesInternet(true);
            }
            if (torifiedApp.usesInternet()) {
                arrayList.add(torifiedApp);
                torifiedApp.setEnabled(applicationInfo.enabled);
                torifiedApp.setUid(applicationInfo.uid);
                torifiedApp.setUsername(packageManager.getNameForUid(torifiedApp.getUid()));
                torifiedApp.setProcname(applicationInfo.processName);
                torifiedApp.setPackageName(applicationInfo.packageName);
                try {
                    torifiedApp.setName(packageManager.getApplicationLabel(applicationInfo).toString());
                } catch (Exception e2) {
                    torifiedApp.setName(applicationInfo.packageName);
                }
                if (Arrays.binarySearch(strArr, torifiedApp.getUsername()) >= 0) {
                    torifiedApp.setTorified(true);
                } else {
                    torifiedApp.setTorified(false);
                }
                i2++;
            }
        }
        Collections.sort(arrayList);
        return arrayList;
    }

    private void logMessage(String str) {
        if (this.mTorService != null) {
            this.mTorService.debug(str);
        }
    }

    public static boolean testRoot() throws IOException {
        Runtime.getRuntime().exec("su");
        return true;
    }

    public void closeShell() throws IOException {
        this.mShell.close();
    }

    public int dropAllIPv6Traffic(Context context, int i, boolean z) throws Exception {
        String str = z ? " -A " : " -D ";
        String ip6TablesPath = getIp6TablesPath(context);
        StringBuilder sb = new StringBuilder();
        sb.append(ip6TablesPath);
        sb.append(str);
        sb.append("OUTPUT");
        if (i != -1) {
            sb.append(" -m owner --uid-owner ");
            sb.append(i);
        }
        sb.append(" -j DROP");
        return executeCommand(sb.toString());
    }

    public int enableTetheringRules(Context context) throws Exception {
        String ipTablesPath = getIpTablesPath(context);
        new StringBuilder();
        String[] strArr = {"usb0", "wl0.1"};
        int i = -1;
        for (int i2 = 0; i2 < strArr.length; i2++) {
            executeCommand(ipTablesPath + " -t nat -A PREROUTING -i " + strArr[i2] + " -p udp --dport 53 -j REDIRECT --to-ports " + this.mDNSPort);
            new StringBuilder();
            i = executeCommand(ipTablesPath + " -t nat -A PREROUTING -i " + strArr[i2] + " -p tcp -j REDIRECT --to-ports " + this.mTransProxyPort);
            new StringBuilder();
        }
        return i;
    }

    public int fixTransproxyLeak(Context context) throws Exception {
        String ipTablesPath = getIpTablesPath(context);
        executeCommand(ipTablesPath + " -I OUTPUT ! -o lo ! -d 127.0.0.1 ! -s 127.0.0.1 -p tcp -m tcp --tcp-flags ACK,FIN ACK,FIN -j DROP");
        new StringBuilder();
        int executeCommand = executeCommand(ipTablesPath + " -I OUTPUT ! -o lo ! -d 127.0.0.1 ! -s 127.0.0.1 -p tcp -m tcp --tcp-flags ACK,RST ACK,RST -j DROP");
        new StringBuilder();
        return executeCommand;
    }

    public int flushTransproxyRules(Context context) throws Exception {
        String ipTablesPath = getIpTablesPath(context);
        executeCommand(ipTablesPath + " -t nat  -F ");
        executeCommand(ipTablesPath + " -t filter  -F ");
        dropAllIPv6Traffic(context, -1, false);
        dropAllIPv6Traffic(context, -1, false);
        return -1;
    }

    public String getIp6TablesPath(Context context) {
        if (Prefs.useSystemIpTables()) {
            return findSystemIP6Tables();
        }
        return this.mFileXtables.getAbsolutePath() + " ip6tables";
    }

    public String getIpTablesPath(Context context) {
        if (Prefs.useSystemIpTables()) {
            return findSystemIPTables();
        }
        return this.mFileXtables.getAbsolutePath() + " iptables";
    }

    public void setDNSPort(int i) {
        this.mDNSPort = i;
    }

    public void setTransProxyPort(int i) {
        this.mTransProxyPort = i;
    }

    public int setTransparentProxyingAll(Context context, boolean z) throws Exception {
        String str = z ? " -A " : " -D ";
        dropAllIPv6Traffic(context, -1, z);
        String ipTablesPath = getIpTablesPath(context);
        int i = context.getApplicationInfo().uid;
        StringBuilder sb = new StringBuilder();
        sb.append(ipTablesPath);
        sb.append(" -t nat");
        sb.append(str).append("OUTPUT");
        sb.append(" -m owner --uid-owner ");
        sb.append(i);
        sb.append(" -j ACCEPT");
        executeCommand(sb.toString());
        StringBuilder sb2 = new StringBuilder();
        sb2.append(ipTablesPath);
        sb2.append(" -t nat");
        sb2.append(str).append("OUTPUT");
        sb2.append(" -o lo");
        sb2.append(" -j ACCEPT");
        executeCommand(sb2.toString());
        StringBuilder sb3 = new StringBuilder();
        sb3.append(ipTablesPath);
        sb3.append(" -t nat");
        sb3.append(str).append("OUTPUT");
        sb3.append(" -p tcp");
        sb3.append(ALLOW_LOCAL);
        sb3.append(" -m owner ! --uid-owner ");
        sb3.append(i);
        sb3.append(" -m tcp --syn");
        sb3.append(" -j REDIRECT --to-ports ");
        sb3.append(this.mTransProxyPort);
        executeCommand(sb3.toString());
        StringBuilder sb4 = new StringBuilder();
        sb4.append(ipTablesPath);
        sb4.append(" -t nat");
        sb4.append(str).append("OUTPUT");
        sb4.append(" -p udp");
        sb4.append(ALLOW_LOCAL);
        sb4.append(" -m owner ! --uid-owner ");
        sb4.append(i);
        sb4.append(" --dport ");
        sb4.append(53);
        sb4.append(" -j REDIRECT --to-ports ");
        sb4.append(this.mDNSPort);
        executeCommand(sb4.toString());
        StringBuilder sb5 = new StringBuilder();
        sb5.append(ipTablesPath);
        sb5.append(" -t filter");
        sb5.append(str).append("OUTPUT");
        sb5.append(" -p tcp");
        sb5.append(" -m tcp");
        sb5.append(" --dport ").append(this.mTransProxyPort);
        sb5.append(" -j ACCEPT");
        executeCommand(sb5.toString());
        StringBuilder sb6 = new StringBuilder();
        sb6.append(ipTablesPath);
        sb6.append(" -t filter");
        sb6.append(str).append("OUTPUT");
        sb6.append(" -p tcp");
        sb6.append(" -m tcp");
        sb6.append(" --dport ").append(this.mTorService.getHTTPPort());
        sb6.append(" -j ACCEPT");
        executeCommand(sb6.toString());
        StringBuilder sb7 = new StringBuilder();
        sb7.append(ipTablesPath);
        sb7.append(" -t filter");
        sb7.append(str).append("OUTPUT");
        sb7.append(" -p tcp");
        sb7.append(" -m tcp");
        StringBuilder append = sb7.append(" --dport ");
        TorService torService = this.mTorService;
        append.append(TorService.getSOCKSPort());
        sb7.append(" -j ACCEPT");
        executeCommand(sb7.toString());
        StringBuilder sb8 = new StringBuilder();
        sb8.append(ipTablesPath);
        sb8.append(" -t filter");
        sb8.append(str).append("OUTPUT");
        sb8.append(" -p udp");
        sb8.append(" -m udp");
        sb8.append(" --dport ").append(this.mDNSPort);
        sb8.append(" -j ACCEPT");
        executeCommand(sb8.toString());
        StringBuilder sb9 = new StringBuilder();
        sb9.append(ipTablesPath);
        sb9.append(" -t filter");
        sb9.append(str).append("OUTPUT");
        sb9.append(" -m owner ! --uid-owner ");
        sb9.append(i);
        sb9.append(ALLOW_LOCAL);
        sb9.append(" -j REJECT");
        return executeCommand(sb9.toString());
    }

    public int setTransparentProxyingByApp(Context context, ArrayList<TorifiedApp> arrayList, boolean z) throws Exception {
        String ipTablesPath = getIpTablesPath(context);
        String str = z ? " -A " : " -D ";
        int i = -1;
        StringBuilder sb = new StringBuilder();
        sb.append(ipTablesPath);
        sb.append(" -t nat");
        sb.append(str).append("OUTPUT");
        sb.append(" -p udp");
        sb.append(" --dport ");
        sb.append(53);
        sb.append(" -j REDIRECT --to-ports ");
        sb.append(this.mDNSPort);
        executeCommand(sb.toString());
        Iterator<TorifiedApp> it = arrayList.iterator();
        while (it.hasNext()) {
            TorifiedApp next = it.next();
            if (!z || next.isTorified()) {
                if (!next.getUsername().equals(TorServiceConstants.TOR_APP_USERNAME)) {
                    logMessage("transproxy for app: " + next.getUsername() + " (" + next.getUid() + "): enable=" + z);
                    dropAllIPv6Traffic(context, next.getUid(), z);
                    StringBuilder sb2 = new StringBuilder();
                    sb2.append(ipTablesPath);
                    sb2.append(" -t nat");
                    sb2.append(str).append("OUTPUT");
                    sb2.append(" -p tcp");
                    sb2.append(ALLOW_LOCAL);
                    sb2.append(" -m owner --uid-owner ");
                    sb2.append(next.getUid());
                    sb2.append(" -m tcp --syn");
                    sb2.append(" -j REDIRECT --to-ports ");
                    sb2.append(this.mTransProxyPort);
                    executeCommand(sb2.toString());
                    StringBuilder sb3 = new StringBuilder();
                    sb3.append(ipTablesPath);
                    sb3.append(" -t filter");
                    sb3.append(str).append("OUTPUT");
                    sb3.append(" -m owner --uid-owner ");
                    sb3.append(next.getUid());
                    sb3.append(ALLOW_LOCAL);
                    sb3.append(" -j REJECT");
                    i = executeCommand(sb3.toString());
                }
            }
        }
        return i;
    }
}
