package com.github.megatronking.netbare;

import android.os.Process;
import com.github.megatronking.netbare.gateway.Request;
import com.github.megatronking.netbare.gateway.Response;
import com.github.megatronking.netbare.gateway.VirtualGateway;
import com.github.megatronking.netbare.ip.Protocol;
import com.github.megatronking.netbare.net.Session;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.HashSet;
import java.util.Iterator;
import kotlin.UShort;

/* loaded from: classes.dex */
public final class NetBareVirtualGateway extends VirtualGateway {
    private static final int POLICY_ALLOWED = 1;
    private static final int POLICY_DISALLOWED = 2;
    private static final int POLICY_INDETERMINATE = 0;
    private final VirtualGateway mGateway;
    private final NetBareXLog mLog;
    private int mPolicy;
    private boolean mRequestFinished;
    private boolean mResponseFinished;
    private final Session mSession;

    public NetBareVirtualGateway(Session session, Request request, Response response) {
        super(session, request, response);
        this.mGateway = NetBare.get().getGatewayFactory().create(session, request, response);
        this.mSession = session;
        this.mLog = new NetBareXLog(session);
        NetBareConfig config = NetBare.get().getConfig();
        if (config != null && (!config.excludeSelf || session.uid != Process.myUid())) {
            this.mPolicy = 0;
        } else {
            this.mLog.w("Exclude an app-self connection!");
            this.mPolicy = 2;
        }
    }

    private boolean isHttp(ByteBuffer byteBuffer) {
        switch (byteBuffer.get(byteBuffer.position())) {
            case 67:
            case 68:
            case 71:
            case 72:
            case 79:
            case 80:
            case 84:
                return true;
            default:
                return false;
        }
    }

    private String parseHttpHost(byte[] bArr, int i, int i2) {
        String[] split = new String(bArr, i, i2).split(NetBareUtils.LINE_END_REGEX);
        if (split.length <= 1) {
            return null;
        }
        for (int i3 = 1; i3 < split.length; i3++) {
            String str = split[i3];
            if (str.isEmpty()) {
                return null;
            }
            String[] split2 = str.split(":");
            if (split2.length < 2) {
                return null;
            }
            String trim = split2[0].trim();
            String trim2 = str.replaceFirst(split2[0] + ": ", "").trim();
            if (trim.toLowerCase().equals("host")) {
                return trim2;
            }
        }
        return null;
    }

    private String parseHttpsHost(byte[] bArr, int i, int i2) {
        int i3 = i + i2;
        if (i2 <= 43 || bArr[i] != 22) {
            this.mLog.w("Failed to get host from SNI: Bad ssl packet.");
            return null;
        }
        int i4 = i + 43;
        int i5 = i4 + 1;
        if (i5 > i3) {
            this.mLog.w("Failed to get host from SNI: No session id.");
            return null;
        }
        int i6 = i5 + (bArr[i4] & 255);
        int i7 = i6 + 2;
        if (i7 > i3) {
            this.mLog.w("Failed to get host from SNI: No cipher suites.");
            return null;
        }
        int readShort = i7 + (readShort(bArr, i6) & UShort.MAX_VALUE);
        int i8 = readShort + 1;
        if (i8 > i3) {
            this.mLog.w("Failed to get host from SNI: No compression method.");
            return null;
        }
        int i9 = i8 + (bArr[readShort] & 255);
        int i10 = i9 + 2;
        if (i10 > i3) {
            this.mLog.w("Failed to get host from SNI: no extensions.");
            return null;
        }
        if ((readShort(bArr, i9) & UShort.MAX_VALUE) + i10 > i3) {
            this.mLog.w("Failed to get host from SNI: no sni.");
            return null;
        }
        while (i10 + 4 <= i3) {
            int i11 = i10 + 1;
            int i12 = bArr[i10] & 255;
            int i13 = i11 + 1;
            int i14 = bArr[i11] & 255;
            int readShort2 = readShort(bArr, i13) & UShort.MAX_VALUE;
            int i15 = i13 + 2;
            if (i12 == 0 && i14 == 0 && readShort2 > 5) {
                int i16 = i15 + 5;
                int i17 = readShort2 - 5;
                if (i16 + i17 > i3) {
                    return null;
                }
                return new String(bArr, i16, i17);
            }
            i10 = i15 + readShort2;
        }
        this.mLog.w("Failed to get host from SNI: no host.");
        return null;
    }

    private short readShort(byte[] bArr, int i) {
        return (short) ((bArr[i + 1] & 255) | ((bArr[i] & 255) << 8));
    }

    private void resolvePolicyIfNecessary(ByteBuffer byteBuffer) {
        if (this.mPolicy == 0 && byteBuffer.hasRemaining()) {
            if (this.mSession.protocol != Protocol.TCP) {
                this.mPolicy = 1;
                return;
            }
            String parseHttpHost = isHttp(byteBuffer) ? parseHttpHost(byteBuffer.array(), byteBuffer.position(), byteBuffer.remaining()) : parseHttpsHost(byteBuffer.array(), byteBuffer.position(), byteBuffer.remaining());
            if (parseHttpHost == null) {
                this.mPolicy = 1;
                return;
            }
            this.mSession.host = parseHttpHost;
            NetBareConfig config = NetBare.get().getConfig();
            HashSet hashSet = new HashSet(config.allowedHosts);
            HashSet hashSet2 = new HashSet(config.disallowedHosts);
            boolean isEmpty = hashSet.isEmpty();
            boolean isEmpty2 = hashSet2.isEmpty();
            if (isEmpty && isEmpty2) {
                this.mPolicy = 1;
                return;
            }
            if (!isEmpty2) {
                Iterator it = hashSet2.iterator();
                while (it.hasNext()) {
                    if (((String) it.next()).equals(parseHttpHost)) {
                        this.mPolicy = 2;
                        return;
                    }
                }
                Iterator it2 = hashSet2.iterator();
                while (it2.hasNext()) {
                    if (((String) it2.next()).equals(NetBareUtils.convertIp(this.mSession.remoteIp))) {
                        this.mPolicy = 2;
                        return;
                    }
                }
            }
            if (isEmpty) {
                this.mPolicy = 1;
                return;
            }
            Iterator it3 = hashSet.iterator();
            while (it3.hasNext()) {
                if (((String) it3.next()).equals(parseHttpHost)) {
                    this.mPolicy = 1;
                    return;
                }
            }
            Iterator it4 = hashSet.iterator();
            while (it4.hasNext()) {
                if (((String) it4.next()).equals(NetBareUtils.convertIp(this.mSession.remoteIp))) {
                    this.mPolicy = 1;
                    return;
                }
            }
            this.mPolicy = 2;
        }
    }

    @Override // com.github.megatronking.netbare.gateway.VirtualGateway
    public void onRequest(ByteBuffer byteBuffer) throws IOException {
        if (this.mRequestFinished) {
            this.mLog.w("Drop a buffer due to request has finished.");
            return;
        }
        resolvePolicyIfNecessary(byteBuffer);
        int i = this.mPolicy;
        if (i == 1) {
            this.mGateway.onRequest(byteBuffer);
        } else if (i == 2) {
            super.onRequest(byteBuffer);
        }
    }

    @Override // com.github.megatronking.netbare.gateway.VirtualGateway
    public void onRequestFinished() {
        if (this.mRequestFinished) {
            return;
        }
        this.mLog.i("Gateway request finished!");
        this.mRequestFinished = true;
        int i = this.mPolicy;
        if (i == 1) {
            this.mGateway.onRequestFinished();
        } else if (i == 2) {
            super.onRequestFinished();
        }
    }

    @Override // com.github.megatronking.netbare.gateway.VirtualGateway
    public void onResponse(ByteBuffer byteBuffer) throws IOException {
        if (this.mResponseFinished) {
            this.mLog.w("Drop a buffer due to response has finished.");
            return;
        }
        resolvePolicyIfNecessary(byteBuffer);
        int i = this.mPolicy;
        if (i == 1) {
            this.mGateway.onResponse(byteBuffer);
        } else if (i == 2) {
            super.onResponse(byteBuffer);
        }
    }

    @Override // com.github.megatronking.netbare.gateway.VirtualGateway
    public void onResponseFinished() {
        if (this.mResponseFinished) {
            return;
        }
        this.mLog.i("Gateway response finished!");
        this.mResponseFinished = true;
        int i = this.mPolicy;
        if (i == 1) {
            this.mGateway.onResponseFinished();
        } else if (i == 2) {
            super.onResponseFinished();
        }
    }
}
