package com.android.server;

import android.content.Context;
import android.net.IIpSecService;
import android.net.INetd;
import android.net.IpSecConfig;
import android.net.IpSecUdpEncapResponse;
import android.net.util.NetdService;
import android.os.Binder;
import android.os.IBinder;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
import android.system.ErrnoException;
import android.system.Os;
import android.system.OsConstants;
import android.util.Log;
import android.util.SparseArray;
import com.android.internal.util.Preconditions;
import java.io.FileDescriptor;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.util.concurrent.atomic.AtomicInteger;
import libcore.io.IoUtils;

/* loaded from: classes.dex */
public class IpSecService extends IIpSecService.Stub {

    /* renamed from: for, reason: not valid java name */
    private static final InetAddress f1478for;

    /* renamed from: new, reason: not valid java name */
    private static AtomicInteger f1480new;

    /* renamed from: byte, reason: not valid java name */
    private final ManagedResourceArray<UdpSocketRecord> f1481byte;

    /* renamed from: int, reason: not valid java name */
    private final Context f1482int;

    /* renamed from: try, reason: not valid java name */
    private final ManagedResourceArray<SpiRecord> f1483try;

    /* renamed from: do, reason: not valid java name */
    private static final boolean f1477do = Log.isLoggable("IpSecService", 3);

    /* renamed from: if, reason: not valid java name */
    private static final int[] f1479if = {1, 0};

    /* renamed from: com.android.server.IpSecService$1, reason: invalid class name */
    /* loaded from: classes.dex */
    class AnonymousClass1 extends Thread {

        /* renamed from: do, reason: not valid java name */
        final /* synthetic */ IpSecService f1484do;

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            synchronized (this.f1484do) {
                NetdService.get(5000L);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public abstract class ManagedResource implements IBinder.DeathRecipient {

        /* renamed from: for, reason: not valid java name */
        protected int f1486for;

        /* renamed from: new, reason: not valid java name */
        private IBinder f1489new;

        /* renamed from: try, reason: not valid java name */
        private AtomicInteger f1490try = new AtomicInteger(0);

        /* renamed from: do, reason: not valid java name */
        final int f1485do = Binder.getCallingPid();

        /* renamed from: if, reason: not valid java name */
        final int f1487if = Binder.getCallingUid();

        ManagedResource(int i, IBinder iBinder) {
            this.f1489new = iBinder;
            this.f1486for = i;
            try {
                this.f1489new.linkToDeath(this, 0);
            } catch (RemoteException unused) {
                binderDied();
            }
        }

        @Override // android.os.IBinder.DeathRecipient
        public final void binderDied() {
            try {
                m1020if();
            } catch (Exception e) {
                Log.e("IpSecService", "Failed to release resource: ".concat(String.valueOf(e)));
            }
        }

        /* renamed from: do, reason: not valid java name */
        public final void m1018do() {
            if (this.f1490try.decrementAndGet() < 0) {
                Log.wtf("IpSecService", "Programming error: negative reference count");
            }
        }

        /* renamed from: for, reason: not valid java name */
        protected abstract void mo1019for();

        /* renamed from: if, reason: not valid java name */
        public final void m1020if() {
            synchronized (IpSecService.this) {
                if (this.f1490try.get() > 0) {
                    throw new IllegalStateException("Cannot release a resource that has active references!");
                }
                if (this.f1486for == 0) {
                    return;
                }
                mo1019for();
                if (this.f1489new != null) {
                    this.f1489new.unlinkToDeath(this, 0);
                }
                this.f1489new = null;
                this.f1486for = 0;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class ManagedResourceArray<T extends ManagedResource> {

        /* renamed from: do, reason: not valid java name */
        SparseArray<T> f1491do;
    }

    /* loaded from: classes.dex */
    final class SpiRecord extends ManagedResource {

        /* renamed from: byte, reason: not valid java name */
        private final String f1492byte;

        /* renamed from: case, reason: not valid java name */
        private final String f1493case;

        /* renamed from: char, reason: not valid java name */
        private boolean f1494char;

        /* renamed from: new, reason: not valid java name */
        int f1495new;

        /* renamed from: try, reason: not valid java name */
        private final int f1496try;

        @Override // com.android.server.IpSecService.ManagedResource
        /* renamed from: for */
        protected final void mo1019for() {
            if (this.f1494char) {
                Log.d("IpSecService", "Cannot release Spi " + this.f1495new + ": Currently locked by a Transform");
                return;
            }
            try {
                IpSecService.m1013do().mo78if(this.f1486for, this.f1496try, this.f1492byte, this.f1493case, this.f1495new);
            } catch (RemoteException unused) {
                Log.e("IpSecService", "Failed to delete SPI reservation with ID: " + this.f1486for);
            } catch (ServiceSpecificException unused2) {
            }
            this.f1495new = 0;
        }
    }

    /* loaded from: classes.dex */
    final class TransformRecord extends ManagedResource {

        /* renamed from: byte, reason: not valid java name */
        private final UdpSocketRecord f1497byte;

        /* renamed from: new, reason: not valid java name */
        private final IpSecConfig f1498new;

        /* renamed from: try, reason: not valid java name */
        private final SpiRecord[] f1499try;

        @Override // com.android.server.IpSecService.ManagedResource
        /* renamed from: for */
        protected final void mo1019for() {
            for (int i : IpSecService.f1479if) {
                try {
                    IpSecService.m1013do().mo78if(this.f1486for, i, this.f1498new.getLocalAddress() != null ? this.f1498new.getLocalAddress().getHostAddress() : "", this.f1498new.getRemoteAddress() != null ? this.f1498new.getRemoteAddress().getHostAddress() : "", this.f1499try[i].f1495new);
                } catch (RemoteException unused) {
                    Log.e("IpSecService", "Failed to delete SA with ID: " + this.f1486for);
                } catch (ServiceSpecificException unused2) {
                }
            }
            for (int i2 : IpSecService.f1479if) {
                this.f1499try[i2].m1018do();
            }
            UdpSocketRecord udpSocketRecord = this.f1497byte;
            if (udpSocketRecord != null) {
                udpSocketRecord.m1018do();
            }
        }
    }

    /* loaded from: classes.dex */
    final class UdpSocketRecord extends ManagedResource {

        /* renamed from: byte, reason: not valid java name */
        private final int f1500byte;

        /* renamed from: try, reason: not valid java name */
        private FileDescriptor f1502try;

        UdpSocketRecord(int i, IBinder iBinder, FileDescriptor fileDescriptor, int i2) {
            super(i, iBinder);
            this.f1502try = fileDescriptor;
            this.f1500byte = i2;
        }

        @Override // com.android.server.IpSecService.ManagedResource
        /* renamed from: for */
        protected final void mo1019for() {
            Log.d("IpSecService", "Closing port " + this.f1500byte);
            IoUtils.closeQuietly(this.f1502try);
            this.f1502try = null;
        }
    }

    static {
        try {
            f1478for = InetAddress.getByAddress(new byte[]{0, 0, 0, 0});
            f1480new = new AtomicInteger(16441040);
        } catch (UnknownHostException e) {
            throw new RuntimeException(e);
        }
    }

    /* renamed from: do, reason: not valid java name */
    static INetd m1013do() {
        INetd netdService = NetdService.getInstance();
        if (netdService != null) {
            return netdService;
        }
        throw new RemoteException("Failed to Get Netd Instance");
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x0026, code lost:
    
        r0.m1020if();
        r4.f1491do.remove(r5);
     */
    /* renamed from: do, reason: not valid java name */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private synchronized <T extends com.android.server.IpSecService.ManagedResource> void m1014do(com.android.server.IpSecService.ManagedResourceArray<T> r4, int r5, java.lang.String r6) {
        /*
            r3 = this;
            monitor-enter(r3)
            android.util.SparseArray<T extends com.android.server.IpSecService$ManagedResource> r0 = r4.f1491do     // Catch: java.lang.Throwable -> L4f
            java.lang.Object r0 = r0.get(r5)     // Catch: java.lang.Throwable -> L4f
            com.android.server.IpSecService$ManagedResource r0 = (com.android.server.IpSecService.ManagedResource) r0     // Catch: java.lang.Throwable -> L4f
            if (r0 == 0) goto L24
            int r1 = r0.f1487if     // Catch: java.lang.Throwable -> L4f
            int r2 = android.os.Binder.getCallingUid()     // Catch: java.lang.Throwable -> L4f
            if (r1 == r2) goto L24
            r1 = 1000(0x3e8, float:1.401E-42)
            int r2 = android.os.Binder.getCallingUid()     // Catch: java.lang.Throwable -> L4f
            if (r1 != r2) goto L1c
            goto L24
        L1c:
            java.lang.SecurityException r4 = new java.lang.SecurityException     // Catch: java.lang.Throwable -> L4f
            java.lang.String r5 = "Only the owner may access managed resources!"
            r4.<init>(r5)     // Catch: java.lang.Throwable -> L4f
            throw r4     // Catch: java.lang.Throwable -> L4f
        L24:
            if (r0 == 0) goto L30
            r0.m1020if()     // Catch: java.lang.Throwable -> L4f
            android.util.SparseArray<T extends com.android.server.IpSecService$ManagedResource> r4 = r4.f1491do     // Catch: java.lang.Throwable -> L4f
            r4.remove(r5)     // Catch: java.lang.Throwable -> L4f
            monitor-exit(r3)
            return
        L30:
            java.lang.IllegalArgumentException r4 = new java.lang.IllegalArgumentException     // Catch: java.lang.Throwable -> L4f
            java.lang.StringBuilder r0 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L4f
            r0.<init>()     // Catch: java.lang.Throwable -> L4f
            r0.append(r6)     // Catch: java.lang.Throwable -> L4f
            java.lang.String r6 = " "
            r0.append(r6)     // Catch: java.lang.Throwable -> L4f
            r0.append(r5)     // Catch: java.lang.Throwable -> L4f
            java.lang.String r5 = " is not available to be deleted"
            r0.append(r5)     // Catch: java.lang.Throwable -> L4f
            java.lang.String r5 = r0.toString()     // Catch: java.lang.Throwable -> L4f
            r4.<init>(r5)     // Catch: java.lang.Throwable -> L4f
            throw r4     // Catch: java.lang.Throwable -> L4f
        L4f:
            r4 = move-exception
            monitor-exit(r3)
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: com.android.server.IpSecService.m1014do(com.android.server.IpSecService$ManagedResourceArray, int, java.lang.String):void");
    }

    /* renamed from: do, reason: not valid java name */
    private static void m1015do(FileDescriptor fileDescriptor) {
        for (int i = 10; i > 0; i--) {
            try {
                FileDescriptor socket = Os.socket(OsConstants.AF_INET, OsConstants.SOCK_DGRAM, OsConstants.IPPROTO_UDP);
                Os.bind(socket, f1478for, 0);
                int port = ((InetSocketAddress) Os.getsockname(socket)).getPort();
                Os.close(socket);
                Log.v("IpSecService", "Binding to port ".concat(String.valueOf(port)));
                Os.bind(fileDescriptor, f1478for, port);
                return;
            } catch (ErrnoException e) {
                if (e.errno != OsConstants.EADDRINUSE) {
                    throw e.rethrowAsIOException();
                }
            }
        }
        throw new IOException("Failed 10 attempts to bind to a port");
    }

    /* renamed from: for, reason: not valid java name */
    private synchronized boolean m1016for() {
        try {
            INetd m1013do = m1013do();
            if (m1013do == null) {
                return false;
            }
            return m1013do.mo74do();
        } catch (RemoteException unused) {
            return false;
        }
    }

    public void closeUdpEncapsulationSocket(int i) {
        m1014do(this.f1481byte, i, "UdpEncapsulationSocket");
    }

    protected void dump(FileDescriptor fileDescriptor, PrintWriter printWriter, String[] strArr) {
        this.f1482int.enforceCallingOrSelfPermission("android.permission.DUMP", "IpSecService");
        printWriter.println("IpSecService Log:");
        StringBuilder sb = new StringBuilder("NetdNativeService Connection: ");
        sb.append(m1016for() ? "alive" : "dead");
        printWriter.println(sb.toString());
        printWriter.println();
    }

    public synchronized IpSecUdpEncapResponse openUdpEncapsulationSocket(int i, IBinder iBinder) {
        FileDescriptor socket;
        if (i != 0 && (i < 1024 || i > 65535)) {
            throw new IllegalArgumentException("Specified port number must be a valid non-reserved UDP port");
        }
        int andIncrement = f1480new.getAndIncrement();
        FileDescriptor fileDescriptor = null;
        try {
            socket = Os.socket(OsConstants.AF_INET, OsConstants.SOCK_DGRAM, OsConstants.IPPROTO_UDP);
        } catch (ErrnoException | IOException unused) {
        }
        try {
            if (i != 0) {
                Log.v("IpSecService", "Binding to port ".concat(String.valueOf(i)));
                Os.bind(socket, f1478for, i);
            } else {
                m1015do(socket);
            }
            Os.setsockoptInt(socket, OsConstants.IPPROTO_UDP, OsConstants.UDP_ENCAP, OsConstants.UDP_ENCAP_ESPINUDP);
            ManagedResourceArray<UdpSocketRecord> managedResourceArray = this.f1481byte;
            UdpSocketRecord udpSocketRecord = new UdpSocketRecord(andIncrement, iBinder, socket, i);
            Preconditions.checkNotNull(udpSocketRecord, "Null resources cannot be added");
            managedResourceArray.f1491do.put(andIncrement, udpSocketRecord);
            return new IpSecUdpEncapResponse(0, andIncrement, i, socket);
        } catch (ErrnoException | IOException unused2) {
            fileDescriptor = socket;
            IoUtils.closeQuietly(fileDescriptor);
            return new IpSecUdpEncapResponse(1);
        }
    }

    public void releaseSecurityParameterIndex(int i) {
        m1014do(this.f1483try, i, "SecurityParameterIndex");
    }
}
