package com.cisco.anyconnect.vpn.interceptor;

import android.content.BroadcastReceiver;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.ServiceConnection;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import androidx.core.content.ContextCompat;
import com.cisco.android.nchs.Globals;
import com.cisco.android.nchs.NetworkComponentHostService;
import com.cisco.android.nchs.aidl.IICSSupportService;
import com.cisco.android.nchs.aidl.INetworkComponentHostService;
import com.cisco.android.nchs.support.ics.ICSSupportService;
import com.cisco.anyconnect.vpn.agent.IVpnAgentService;
import com.cisco.anyconnect.vpn.agent.VpnAgentService;
import com.cisco.anyconnect.vpn.android.util.AppLog;
import com.cisco.anyconnect.vpn.interceptor.NetworkFlow;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;

/* loaded from: classes.dex */
public class NetworkInterceptor implements NetworkFlow.INetworkFlowCB {
    private IICSSupportService mAVFService;
    private final ServiceConnection mAVFServiceConn;
    private NetworkInterceptorConfig mActiveConfig;
    private final ServiceConnection mAgentServiceConn;
    private INetworkInterceptorCB mCallback;
    private Context mContext;
    private final ExecutorService mExecutor;
    private NetworkInterceptorIPC mIPC;
    private InitSubstate mInitSubstate;
    private FailureCode mLastFailureCode;
    private INetworkComponentHostService mNCHS;
    private final ServiceConnection mNCHSConnection;
    private NetworkInterceptorConfig mPendingConfig;
    private final BroadcastReceiver mReceiver;
    private State mState;
    private IVpnAgentService mVpnAgentService;

    /* loaded from: classes.dex */
    private enum ConfigSubstate {
        NA,
        WAIT_IPC,
        WAIT_APPLY_CONFIG
    }

    /* loaded from: classes.dex */
    public enum FailureCode {
        IPC_ERROR,
        BAD_PARAMETER,
        TIMEOUT,
        UNKNOWN,
        INIT_FAILURE,
        CONFIGURE_FAILURE,
        REVOKED
    }

    /* loaded from: classes.dex */
    public interface INetworkInterceptorCB {
        void handleFlowClosed(NetworkFlow networkFlow);

        void handleFlowData(NetworkFlow networkFlow, ByteBuffer byteBuffer);

        void handleStateChange(State state, State state2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public enum InitSubstate {
        NA,
        WAIT_BIND_NCHS,
        WAIT_BIND_AGENT,
        WAIT_BIND_AVF
    }

    /* loaded from: classes.dex */
    public enum State {
        DISABLED,
        INITIALIZING,
        INITIALIZED,
        CONFIGURING,
        CONFIGURED
    }

    /* loaded from: classes.dex */
    private class WriteFlowDataTask implements Callable<Void> {
        ByteBuffer mData;
        NetworkFlow mFlow;

        WriteFlowDataTask(NetworkFlow networkFlow, ByteBuffer byteBuffer) {
            this.mFlow = networkFlow;
            this.mData = byteBuffer;
        }

        @Override // java.util.concurrent.Callable
        public Void call() throws Exception {
            State state = NetworkInterceptor.this.mState;
            State unused = NetworkInterceptor.this.mState;
            if (state != State.CONFIGURING) {
                State state2 = NetworkInterceptor.this.mState;
                State unused2 = NetworkInterceptor.this.mState;
                if (state2 != State.CONFIGURED) {
                    AppLog.error(this, "invalid state for write task: " + NetworkInterceptor.this.mState);
                    return null;
                }
            }
            if (NetworkInterceptor.this.mIPC == null) {
                AppLog.error(this, "unexpected null IPC in WriteFlowDataTask");
                return null;
            }
            NetworkInterceptor.this.mIPC.handleWriteData(this.mFlow, this.mData);
            return null;
        }
    }

    public NetworkInterceptor(Context context, INetworkInterceptorCB iNetworkInterceptorCB) {
        BroadcastReceiver broadcastReceiver = new BroadcastReceiver() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.1
            @Override // android.content.BroadcastReceiver
            public void onReceive(Context context2, Intent intent) {
                if (intent.getAction().equals(Globals.ACTION_VPN_REVOKED)) {
                    AppLog.warn(NetworkInterceptor.this, "ddx8 VPN revoked");
                    NetworkInterceptor.this.mExecutor.submit(new Callable<Void>() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.1.1
                        @Override // java.util.concurrent.Callable
                        public Void call() throws Exception {
                            NetworkInterceptor.this.handleFailure(FailureCode.REVOKED);
                            return null;
                        }
                    });
                } else {
                    AppLog.error(NetworkInterceptor.this, "received unexpected intent: " + intent.getAction());
                }
            }
        };
        this.mReceiver = broadcastReceiver;
        this.mExecutor = Executors.newSingleThreadExecutor();
        this.mState = State.DISABLED;
        this.mInitSubstate = InitSubstate.NA;
        this.mNCHSConnection = new ServiceConnection() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.9
            @Override // android.content.ServiceConnection
            public void onServiceConnected(ComponentName componentName, final IBinder iBinder) {
                AppLog.info(this, "ddx nchs connected");
                NetworkInterceptor.this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.9.2
                    @Override // java.lang.Runnable
                    public void run() {
                        NetworkInterceptor.this.mNCHS = INetworkComponentHostService.Stub.asInterface(iBinder);
                        NetworkInterceptor.this.onNCHSConnected();
                    }
                });
            }

            @Override // android.content.ServiceConnection
            public void onServiceDisconnected(ComponentName componentName) {
                AppLog.warn(NetworkInterceptor.this, "NCHS disconnected");
                NetworkInterceptor.this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.9.1
                    @Override // java.lang.Runnable
                    public void run() {
                        NetworkInterceptor.this.mNCHS = null;
                    }
                });
            }
        };
        this.mAgentServiceConn = new ServiceConnection() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.10
            @Override // android.content.ServiceConnection
            public void onServiceConnected(ComponentName componentName, final IBinder iBinder) {
                AppLog.info(this, "ddx agent connected");
                NetworkInterceptor.this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.10.2
                    @Override // java.lang.Runnable
                    public void run() {
                        NetworkInterceptor.this.mVpnAgentService = IVpnAgentService.Stub.asInterface(iBinder);
                        NetworkInterceptor.this.onAgentConnected();
                    }
                });
            }

            @Override // android.content.ServiceConnection
            public void onServiceDisconnected(ComponentName componentName) {
                AppLog.info(NetworkInterceptor.this, "VpnAgentService disconnected");
                NetworkInterceptor.this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.10.1
                    @Override // java.lang.Runnable
                    public void run() {
                        NetworkInterceptor.this.mVpnAgentService = null;
                    }
                });
            }
        };
        this.mAVFServiceConn = new ServiceConnection() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.11
            @Override // android.content.ServiceConnection
            public void onServiceConnected(ComponentName componentName, final IBinder iBinder) {
                AppLog.info(this, "ddx AVF connected");
                NetworkInterceptor.this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.11.2
                    @Override // java.lang.Runnable
                    public void run() {
                        NetworkInterceptor.this.mAVFService = IICSSupportService.Stub.asInterface(iBinder);
                        NetworkInterceptor.this.onAVFConnected();
                    }
                });
            }

            @Override // android.content.ServiceConnection
            public void onServiceDisconnected(ComponentName componentName) {
                AppLog.info(NetworkInterceptor.this, "AVF Service disconnected");
                NetworkInterceptor.this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.11.1
                    @Override // java.lang.Runnable
                    public void run() {
                        NetworkInterceptor.this.mAVFService = null;
                    }
                });
            }
        };
        this.mContext = context;
        this.mCallback = iNetworkInterceptorCB;
        this.mIPC = new NetworkInterceptorIPC(this, context);
        ContextCompat.registerReceiver(context, broadcastReceiver, new IntentFilter(Globals.ACTION_VPN_REVOKED), 2);
    }

    private void bindToAVF() {
        AppLog.info(this, "ddx bindToAVF");
        setInitSubstate(InitSubstate.WAIT_BIND_AVF);
        if (this.mAVFService != null) {
            onAVFConnected();
            return;
        }
        if (this.mContext.bindService(new Intent(this.mContext, (Class<?>) ICSSupportService.class), this.mAVFServiceConn, 1)) {
            return;
        }
        AppLog.error(this, "failed to bind to AVF Service");
        handleFailure(FailureCode.INIT_FAILURE);
    }

    private void bindToAgent() {
        AppLog.info(this, "ddx bindToAgent");
        setInitSubstate(InitSubstate.WAIT_BIND_AGENT);
        if (this.mVpnAgentService != null) {
            onAgentConnected();
            return;
        }
        if (this.mContext.bindService(new Intent(this.mContext, (Class<?>) VpnAgentService.class), this.mAgentServiceConn, 1)) {
            return;
        }
        AppLog.error(this, "failed to bind to VPN agent");
        handleFailure(FailureCode.INIT_FAILURE);
    }

    private void bindToNCHS() {
        AppLog.info(this, "ddx bindToNCHS");
        setInitSubstate(InitSubstate.WAIT_BIND_NCHS);
        if (this.mNCHS != null) {
            onNCHSConnected();
            return;
        }
        if (this.mContext.bindService(new Intent(this.mContext, (Class<?>) NetworkComponentHostService.class), this.mNCHSConnection, 1)) {
            return;
        }
        AppLog.error(this, "failed to bind to NCHS");
        handleFailure(FailureCode.INIT_FAILURE);
    }

    private boolean canUseServices() {
        return this.mState == State.INITIALIZED || this.mState == State.CONFIGURED || this.mState == State.CONFIGURING;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean handleConfigure(NetworkInterceptorConfig networkInterceptorConfig) {
        AppLog.info(this, "ddxc start handle config");
        if (this.mState != State.INITIALIZED && this.mState != State.CONFIGURED) {
            AppLog.error(this, "invalid state for configure: " + this.mState);
            return false;
        }
        if (networkInterceptorConfig == null) {
            AppLog.error(this, "Unexpected null config");
            return false;
        }
        if (networkInterceptorConfig.equals(this.mActiveConfig)) {
            AppLog.warn(this, "ddxc Ignoring configure because config is same as active config");
            return true;
        }
        try {
            NetworkInterceptorIPC networkInterceptorIPC = this.mIPC;
            if (networkInterceptorIPC == null) {
                AppLog.error(this, "unexpected null IPC in handleConfigure");
                return false;
            }
            if (!networkInterceptorIPC.isConnected()) {
                this.mIPC.connect();
            }
            this.mPendingConfig = networkInterceptorConfig;
            transitionState(State.CONFIGURING);
            this.mIPC.configure(networkInterceptorConfig);
            AppLog.info(this, "ddx fin handle config");
            return true;
        } catch (IOException e) {
            AppLog.error(this, "unexpected IOException connecting IPC socket", e);
            handleFailure(FailureCode.IPC_ERROR);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleDisable() {
        if (State.DISABLED == this.mState) {
            return;
        }
        if (this.mVpnAgentService != null) {
            try {
                this.mContext.unbindService(this.mAgentServiceConn);
            } catch (Exception unused) {
            }
            this.mVpnAgentService = null;
        }
        if (this.mNCHS != null) {
            try {
                this.mContext.unbindService(this.mNCHSConnection);
            } catch (Exception unused2) {
            }
            this.mNCHS = null;
        }
        if (this.mAVFService != null) {
            try {
                this.mContext.unbindService(this.mAVFServiceConn);
            } catch (Exception unused3) {
            }
            this.mAVFService = null;
        }
        NetworkInterceptorIPC networkInterceptorIPC = this.mIPC;
        if (networkInterceptorIPC != null) {
            networkInterceptorIPC.close();
            this.mIPC = null;
        }
        transitionState(State.DISABLED);
        this.mContext.unregisterReceiver(this.mReceiver);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleFailure(FailureCode failureCode) {
        this.mLastFailureCode = failureCode;
        this.mInitSubstate = InitSubstate.NA;
        handleDisable();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean handleInitialize() {
        AppLog.info(this, "ddx start initialize");
        if (this.mState == State.DISABLED) {
            bindToNCHS();
            transitionState(State.INITIALIZING);
            return true;
        }
        AppLog.error(this, "invalid state for initialize: " + this.mState);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean handleProtect(ParcelFileDescriptor parcelFileDescriptor) {
        if (!canUseServices()) {
            AppLog.info(this, "cannot protect in state: " + this.mState);
            return false;
        }
        try {
            AppLog.info(this, "ddx calling protect to avf");
            boolean protect = this.mAVFService.protect(parcelFileDescriptor);
            AppLog.info(this, "ddx protect result: " + protect);
            return protect;
        } catch (Exception e) {
            AppLog.error(this, "protect failed", e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onAVFConnected() {
        AppLog.info(this, "ddx AVF connected");
        transitionState(State.INITIALIZED);
        this.mInitSubstate = InitSubstate.NA;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onAgentConnected() {
        AppLog.info(this, "ddx onAgentConnected");
        bindToAVF();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onNCHSConnected() {
        AppLog.info(this, "ddx onNCHSConnected");
        try {
            if (this.mNCHS.StartVpnAgent()) {
                bindToAgent();
                setInitSubstate(InitSubstate.WAIT_BIND_AGENT);
            } else {
                AppLog.error(this, "Failed to start VPN Agent");
                handleFailure(FailureCode.INIT_FAILURE);
            }
        } catch (Exception e) {
            AppLog.error(this, "startVpnAgent failed", e);
            handleFailure(FailureCode.INIT_FAILURE);
        }
    }

    private void setInitSubstate(InitSubstate initSubstate) {
        if (initSubstate == this.mInitSubstate) {
            AppLog.warn(this, "dupe state: " + initSubstate);
        } else {
            AppLog.info(this, "transition init substate " + this.mInitSubstate + " -> " + initSubstate);
            this.mInitSubstate = initSubstate;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void transitionState(State state) {
        if (state == this.mState) {
            return;
        }
        AppLog.info(this, "ddxc transition NetworkInterceptorState: " + this.mState + " -> " + state);
        State state2 = this.mState;
        this.mState = state;
        this.mCallback.handleStateChange(state2, state);
    }

    public boolean configure(final NetworkInterceptorConfig networkInterceptorConfig) {
        try {
            return ((Boolean) this.mExecutor.submit(new Callable<Boolean>() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.5
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public Boolean call() throws Exception {
                    return Boolean.valueOf(NetworkInterceptor.this.handleConfigure(networkInterceptorConfig));
                }
            }).get(500L, TimeUnit.MILLISECONDS)).booleanValue();
        } catch (Exception e) {
            AppLog.error(this, "configure task failed", e);
            return false;
        }
    }

    public void disable() {
        try {
            this.mExecutor.submit(new Callable<Void>() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.7
                @Override // java.util.concurrent.Callable
                public Void call() throws Exception {
                    NetworkInterceptor.this.mLastFailureCode = null;
                    NetworkInterceptor.this.handleDisable();
                    return null;
                }
            }).get(300L, TimeUnit.MILLISECONDS);
        } catch (Exception e) {
            AppLog.error(this, "disable task failed", e);
        }
    }

    public NetworkInterceptorConfig getActiveConfig() {
        try {
            return (NetworkInterceptorConfig) this.mExecutor.submit(new Callable<NetworkInterceptorConfig>() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.4
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public NetworkInterceptorConfig call() throws Exception {
                    return NetworkInterceptor.this.mActiveConfig;
                }
            }).get(100L, TimeUnit.MILLISECONDS);
        } catch (Exception e) {
            AppLog.error(this, "queryState failed", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public INetworkInterceptorCB getCallback() {
        return this.mCallback;
    }

    public FailureCode getLastFailureCode() {
        return this.mLastFailureCode;
    }

    public State getState() {
        try {
            return (State) this.mExecutor.submit(new Callable<State>() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public State call() throws Exception {
                    return NetworkInterceptor.this.mState;
                }
            }).get(100L, TimeUnit.MILLISECONDS);
        } catch (Exception e) {
            AppLog.error(this, "queryState failed", e);
            return null;
        }
    }

    @Override // com.cisco.anyconnect.vpn.interceptor.NetworkFlow.INetworkFlowCB
    public void handleWriteData(NetworkFlow networkFlow, ByteBuffer byteBuffer) {
        try {
            this.mExecutor.submit(new WriteFlowDataTask(networkFlow, byteBuffer)).get(100L, TimeUnit.MILLISECONDS);
        } catch (Exception e) {
            AppLog.error(this, "write flow data task failed", e);
        }
    }

    public boolean initialize() {
        try {
            return ((Boolean) this.mExecutor.submit(new Callable<Boolean>() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public Boolean call() throws Exception {
                    return Boolean.valueOf(NetworkInterceptor.this.handleInitialize());
                }
            }).get(1000L, TimeUnit.MILLISECONDS)).booleanValue();
        } catch (Exception e) {
            AppLog.error(this, "init task failed", e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onConfigureResult(final boolean z) {
        this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.8
            @Override // java.lang.Runnable
            public void run() {
                if (!z) {
                    AppLog.error(this, "configure failed");
                    NetworkInterceptor.this.handleFailure(FailureCode.CONFIGURE_FAILURE);
                    return;
                }
                NetworkInterceptor.this.transitionState(State.CONFIGURED);
                if (NetworkInterceptor.this.mPendingConfig == null) {
                    AppLog.error(this, "Unexpected null pending config. Not updating active config");
                } else {
                    NetworkInterceptor networkInterceptor = NetworkInterceptor.this;
                    networkInterceptor.mActiveConfig = networkInterceptor.mPendingConfig;
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onIPCException(Exception exc) {
        this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.12
            @Override // java.lang.Runnable
            public void run() {
                if (NetworkInterceptor.this.mState == State.DISABLED) {
                    return;
                }
                AppLog.error(this, "IPC exception");
                NetworkInterceptor.this.handleFailure(FailureCode.IPC_ERROR);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void onIPCReadShutdown() {
        this.mExecutor.submit(new Runnable() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.13
            @Override // java.lang.Runnable
            public void run() {
                if (NetworkInterceptor.this.mState == State.DISABLED) {
                    return;
                }
                AppLog.error(this, "IPC read shutdown");
                NetworkInterceptor.this.handleFailure(FailureCode.IPC_ERROR);
            }
        });
    }

    public boolean protect(final ParcelFileDescriptor parcelFileDescriptor) {
        try {
            return ((Boolean) this.mExecutor.submit(new Callable<Boolean>() { // from class: com.cisco.anyconnect.vpn.interceptor.NetworkInterceptor.6
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.util.concurrent.Callable
                public Boolean call() throws Exception {
                    return Boolean.valueOf(NetworkInterceptor.this.handleProtect(parcelFileDescriptor));
                }
            }).get(250L, TimeUnit.MILLISECONDS)).booleanValue();
        } catch (Exception e) {
            AppLog.error(this, "protect task failed", e);
            return false;
        }
    }
}
