package net.mx17.overridedns;

import android.annotation.TargetApi;
import android.app.Notification;
import android.content.Context;
import android.net.ConnectivityManager;
import android.net.LinkProperties;
import android.net.Network;
import android.net.NetworkInfo;
import android.os.Build;
import android.text.TextUtils;
import java.io.File;
import java.io.FileInputStream;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.List;
import net.mx17.overridedns.CustomDNSSetter;

@TargetApi(21)
/* loaded from: classes.dex */
public class CustomDNSSetter21 extends CustomDNSSetter {
    public static final String PATCH_METHOD_NONE = "none";
    public static final String PATCH_METHOD_SETOOLS = "setools";
    public static final String PATCH_METHOD_SUPERSU = "supersu";
    public static final String PREF_PATCH_METHOD = "patch_selinux_method";
    private static final String SELINUXCONTEXT = "u:r:system_app:s0";
    private static final String SELINUXSUDAEMONCONTEXT = "u:r:sudaemon:s0";
    private static final String SELINUXSUDAEMONCONTEXT_MAGISK = "u:r:su:s0";
    private static final String TAG = "overridedns.CustomDNSSetter21";
    private static Boolean isSELinuxPatched = false;
    protected static String mPatchSELinuxMethod;
    protected String[] commandsTemplates21 = {"%NDCBIN% resolver setnetdns %NETID% \"\" \"%DNS1%\" \"%DNS2%\"", "%NDCBIN% resolver flushnet %NETID%"};

    /* loaded from: classes.dex */
    public static final class NotConnectedException extends Exception {
        public NotConnectedException(String str) {
            super(str);
        }
    }

    protected static Notification addDNSNotificationCustomizations(Notification.Builder builder) {
        Log.d(TAG, "addDNSNotificationCustomizations");
        return builder.build();
    }

    private String addToExclusionRegEx(String str, String str2) {
        if (!str.equals("")) {
            str = str + "|";
        }
        return str + "^" + str2 + "$";
    }

    private void applyDNSLollipop(String str, String str2, String str3, String str4, String[] strArr) throws Exception {
        RootUtil startShell = new RootUtil().startShell();
        ArrayList arrayList = new ArrayList();
        Log.d(TAG, "applyDNSLollipop dns1=" + str + ", dns2=" + str2 + ", netId=" + str3 + ", seContext=" + str4);
        if (str == null) {
            str = "";
        }
        if (str2 == null) {
            str2 = "";
        }
        Log.d(TAG, "parsing " + strArr.length + " commands");
        for (int i = 0; i < strArr.length; i++) {
            String replace = strArr[i].replace("%NDCBIN%", "/system/bin/ndc").replace("%NETID%", str3).replace("%DNS1%", str).replace("%DNS2%", str2);
            if (str4 != null) {
                replace = "su -cn " + str4 + " -c '" + replace + "' </dev/null 2>&1";
            }
            int execute = startShell.execute(replace, arrayList);
            if (execute != 0) {
                String join = TextUtils.join("\n", arrayList);
                Log.e(TAG, "failure on command " + i + "/" + strArr.length + " is \"" + replace + "\"");
                StringBuilder sb = new StringBuilder();
                sb.append("exit code is ");
                sb.append(execute);
                Log.e(TAG, sb.toString());
                Log.e(TAG, "output is \"" + join + "\"");
                throw new Exception("applyDNSLollipop failed to exec command number " + i);
            }
        }
        startShell.dispose();
    }

    private static String extractContextFromOutput(String str) {
        String[] split = str.trim().split(" ");
        return (split.length != 1 || split[0].substring(0, 8).equals("context=")) ? split[split.length - 1].split("=")[1] : split[0];
    }

    private String getSELinuxContext() throws Exception {
        try {
            Log.d(TAG, "try to get SELinux context with id");
            return getSELinuxContextWithId();
        } catch (Exception e) {
            Log.e(TAG, "cannot get SELinux context with id", e);
            try {
                Log.d(TAG, "try to get SELinux context with ps");
                return getSELinuxContextWithPS();
            } catch (Exception e2) {
                Log.e(TAG, "cannot get SELinux context with ps", e2);
                throw new Exception("cannot get SELinux context");
            }
        }
    }

    private String getSELinuxContextWithId() throws Exception {
        RootUtil startShell = new RootUtil().startShell();
        ArrayList arrayList = new ArrayList();
        LiveMessage.post("Getting SELinux context with id");
        try {
            int i = startShell.toolbox("id -Z", arrayList);
            String join = TextUtils.join("\n", arrayList);
            if (i == 0) {
                startShell.dispose();
                return extractContextFromOutput(join);
            }
            Log.d(TAG, "getSELinuxContextWithId toolbox exitCode=" + i + ", output=" + join);
            int execute = startShell.execute("id -Z", arrayList);
            String join2 = TextUtils.join("\n", arrayList);
            if (execute == 0) {
                startShell.dispose();
                return extractContextFromOutput(join2);
            }
            Log.d(TAG, "getSELinuxContextWithId execute exitCode=" + execute + ", output=" + join2);
            startShell.dispose();
            throw new Exception("getSELinuxContextWithId failed");
        } finally {
            startShell.dispose();
        }
    }

    private String getSELinuxContextWithPS() throws Exception {
        RootUtil rootUtil = new RootUtil();
        LiveMessage.post("Getting SELinux context with ps");
        try {
            ArrayList arrayList = new ArrayList();
            int i = rootUtil.toolbox("ps -p $$ -Z | tail -1", arrayList);
            String join = TextUtils.join("\n", arrayList);
            if (i == 0) {
                return join.trim().split(" ")[0];
            }
            Log.e(TAG, "getSELinuxContextWithPS command (" + i + ") output is " + join);
            throw new Exception("command returned a non 0 exit code: " + i);
        } finally {
            rootUtil.dispose();
        }
    }

    private void patchSELinuxSeTools() throws Exception {
        String str = this.mContext.getApplicationInfo().nativeLibraryDir + "/lib_sepolicy-inject.so";
        String[] strArr = {"-l -s system_app -t wcnss_service_exec -c file -p read", "-l -s system_app -t wcnss_service_exec -c file -p open", "-l -s system_app -t wcnss_service_exec -c file -p getattr", "-l -s system_app -t wcnss_service_exec -c file -p execute_no_trans", "-l -s system_app -t netd_socket -c sock_file -p write", "-l -s wcnss_service -t init -c fifo_file -p read", "-l -s wcnss_service -t init -c fifo_file -p write", "-l -s wcnss_service -t init -c fifo_file -p getattr", "-l -s netd_socket -t init -c sock_file -p write", "-l -s wcnss_service -t netd_socket -c sock_file -p write", "-l -s system_app -t wcnss_service_exec -c file -p execute", "-l -s system_app -t wpa_exec -c file -p read", "-l -s system_app -t wpa_exec -c file -p execute", "-l -s system_app -t wpa_exec -c file -p execute_no_trans", "-l -s system_app -t wpa_exec -c file -p entrypoint", "-l -s system_app -t wpa_exec -c file -p open", "-l -s system_app -t wpa_exec -c file -p getattr"};
        RootUtil startShell = new RootUtil().startShell();
        ArrayList arrayList = new ArrayList();
        LiveMessage.post("Patching SELinux with SETools' utilities");
        for (int i = 0; i < strArr.length; i++) {
            try {
                int execute = startShell.execute(str + " " + strArr[i], arrayList);
                if (execute != 0) {
                    String join = TextUtils.join("\n", arrayList);
                    if (execute != 2) {
                        Log.e(TAG, "patchSELinuxSeTools: failed to patch, exitCode=" + execute + ", output is " + join);
                        throw new Exception("patchSELinuxSeTools failed");
                    }
                    Log.d(TAG, "patchSELinuxSeTools: the rule number " + i + " was not accepted: " + join);
                }
            } finally {
                startShell.dispose();
            }
        }
    }

    private void patchSELinuxSuperSU() throws Exception {
        String[] strArr = {"allow system_app wcnss_service_exec file { read open getattr execute_no_trans }", "allow system_app netd_socket sock_file write", "allow wcnss_service init fifo_file { read write getattr }", "allow netd_socket init sock_file { write }", "allow wcnss_service netd_socket sock_file { write }", "allow system_app wcnss_service_exec file { execute }", "allow system_app wpa_exec file { read execute execute_no_trans entrypoint open getattr }"};
        RootUtil startShell = new RootUtil().startShell();
        ArrayList arrayList = new ArrayList();
        LiveMessage.post("Patching SELinux with SuperSU's utilities");
        for (int i = 0; i < strArr.length; i++) {
            try {
                int execute = startShell.execute("supolicy --live '" + strArr[i] + "'", arrayList);
                if (execute != 0) {
                    String join = TextUtils.join("\n", arrayList);
                    if (execute != 2) {
                        Log.e(TAG, "patchSELinuxSuperSU: failed to patch, exitCode=" + execute + ", output is " + join);
                        throw new Exception("patchSELinuxSuperSU failed");
                    }
                    Log.d(TAG, "patchSELinuxSuperSU: the rule number " + i + " was not accepted: " + join);
                }
            } finally {
                startShell.dispose();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.mx17.overridedns.CustomDNSSetter
    public Notification.Builder buildNotificationWorking(String str, String str2) {
        return super.buildNotificationWorking(str, str2).setCategory("progress").setVisibility(1);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CustomDNSSetter.ONetInfo getONetInfo(Context context) throws Exception {
        ConnectivityManager connectivityManager = (ConnectivityManager) context.getSystemService("connectivity");
        NetworkInfo activeNetworkInfo = connectivityManager.getActiveNetworkInfo();
        CustomDNSSetter.ONetInfo oNetInfo = new CustomDNSSetter.ONetInfo();
        LiveMessage.post("Getting network info");
        LinkProperties linkProperties = null;
        for (Network network : connectivityManager.getAllNetworks()) {
            NetworkInfo networkInfo = connectivityManager.getNetworkInfo(network);
            if (networkInfo != null && networkInfo.toString().equals(activeNetworkInfo.toString())) {
                oNetInfo.netId = network.toString();
                linkProperties = connectivityManager.getLinkProperties(network);
                oNetInfo.netInterface = linkProperties != null ? linkProperties.getInterfaceName() : null;
                List<InetAddress> dnsServers = linkProperties.getDnsServers();
                try {
                    oNetInfo.dns1 = dnsServers.get(0).getHostAddress();
                    oNetInfo.dns2 = dnsServers.get(1).getHostAddress();
                } catch (IndexOutOfBoundsException unused) {
                }
            }
        }
        if (oNetInfo.netInterface == null) {
            Log.e(TAG, "throwing Exception, netInterface is null, netId=" + oNetInfo.netId + ", lp=" + linkProperties);
            throw new NotConnectedException("cannot find netInterface");
        }
        if (oNetInfo.netId != null) {
            return oNetInfo;
        }
        Log.e(TAG, "throwing Exception, netId is null, lp=" + linkProperties);
        throw new NotConnectedException("cannot find netId");
    }

    public synchronized boolean isSELinuxEnforcing() {
        Boolean bool;
        LiveMessage.post("Checking SELinux mode");
        if (Build.VERSION.SDK_INT < 17) {
            Log.d(TAG, "try to get SELinux status with Build.VERSION: < Jelly Bean MR1 is false");
            return false;
        }
        LiveMessage.post("Checking SELinux mode with getenforce");
        try {
            RootUtil startShell = new RootUtil().startShell();
            ArrayList arrayList = new ArrayList();
            int execute = startShell.execute("getenforce | grep Enforcing", arrayList);
            String join = TextUtils.join("\n", arrayList);
            startShell.dispose();
            Log.d(TAG, "isSELinuxEnforced exitCode=" + execute + ", output=" + join);
            if (execute == 0) {
                return true;
            }
        } catch (Exception e) {
            Log.e(TAG, "cannot get SELinux enforcing status using shell", e);
        }
        LiveMessage.post("Checking SELinux mode with /sys/ filesystem");
        try {
            if (new File("/sys/fs/selinux/enforce").exists()) {
                try {
                    bool = Boolean.valueOf(new FileInputStream("/sys/fs/selinux/enforce").read() == 49);
                    try {
                    } catch (Exception e2) {
                        e = e2;
                        Log.e(TAG, "cannot read /sys/fs/selinux/enforce", e);
                        LiveMessage.post("Checking SELinux mode with reflections");
                        Log.d(TAG, "try to get SELinux status with reflections");
                        return ((Boolean) Class.forName("android.os.SELinux").getMethod("isSELinuxEnforced", new Class[0]).invoke(null, new Object[0])).booleanValue();
                    }
                } finally {
                }
            } else {
                bool = null;
            }
        } catch (Exception e3) {
            e = e3;
            bool = null;
        }
        LiveMessage.post("Checking SELinux mode with reflections");
        try {
            Log.d(TAG, "try to get SELinux status with reflections");
            return ((Boolean) Class.forName("android.os.SELinux").getMethod("isSELinuxEnforced", new Class[0]).invoke(null, new Object[0])).booleanValue();
        } catch (Exception e4) {
            Log.e(TAG, "cannot get SELinux enforcing status using reflections", e4);
            if (bool == null) {
                return true;
            }
            return bool.booleanValue();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void realSetDNS(String str, String str2, String[] strArr) throws Exception {
        String str3;
        getNetdevExclusionRegex();
        String str4 = SELINUXCONTEXT;
        CustomDNSSetter.ONetInfo oNetInfo = getONetInfo(this.mContext);
        Log.d(TAG, "starting to apply DNS " + str + ", " + str2 + " to ONetInfo: " + oNetInfo);
        LiveMessage.post("Starting to apply DNS");
        this.event.success = true;
        this.event.netDev = oNetInfo.netInterface;
        this.event.oNetInfo = oNetInfo;
        if (!isSELinuxEnforcing()) {
            Log.d(TAG, "SELinux=Permissive, applyDNSLollipop with null context");
            applyDNSLollipop(str, str2, oNetInfo.netId, null, strArr);
            if (this.event.success.booleanValue()) {
                return;
            }
            throw new Exception("failed with message: " + this.event.errorMessage);
        }
        String sELinuxContext = getSELinuxContext();
        Log.d(TAG, "SELinux=Enforcing, context=" + sELinuxContext);
        if (sELinuxContext.equals(SELINUXSUDAEMONCONTEXT) || sELinuxContext.equals(SELINUXSUDAEMONCONTEXT_MAGISK)) {
            str3 = null;
        } else {
            Log.d(TAG, "SELinuxPatched=" + isSELinuxPatched);
            if (!isSELinuxPatched.booleanValue()) {
                mPatchSELinuxMethod = mPrefs.getString(PREF_PATCH_METHOD, PATCH_METHOD_SETOOLS);
                Log.d(TAG, "SELinux patching method is " + mPatchSELinuxMethod);
                if (mPatchSELinuxMethod.equals(PATCH_METHOD_SETOOLS)) {
                    LiveMessage.post("Patching SELinux (setools)");
                    patchSELinuxSeTools();
                } else if (mPatchSELinuxMethod.equals(PATCH_METHOD_SUPERSU)) {
                    LiveMessage.post("Patching SELinux (SuperSU)");
                    patchSELinuxSuperSU();
                } else {
                    if (!mPatchSELinuxMethod.equals(PATCH_METHOD_NONE)) {
                        LiveMessage.post("[E] Invalid SELinux patching method");
                        throw new Exception("Invalid SELinux patching method");
                    }
                    LiveMessage.post("No need to patch SELinux, run with a null context");
                    str4 = null;
                }
                isSELinuxPatched = true;
            }
            str3 = str4;
        }
        Log.d(TAG, "SELinux context is " + sELinuxContext + ", apply DNS with " + str3 + " SELinux context");
        applyDNSLollipop(str, str2, oNetInfo.netId, str3, strArr);
        if (this.event.success.booleanValue()) {
            return;
        }
        throw new Exception("failed with message: " + this.event.errorMessage);
    }

    @Override // net.mx17.overridedns.CustomDNSSetter
    protected void setDNS(String str, String str2) throws Exception {
        Log.d(TAG, "setDNS with commandTemplates21");
        LiveMessage.post("Load template for Lollipop 5.0 and above");
        realSetDNS(str, str2, this.commandsTemplates21);
        this.event.flushed = false;
    }
}
