package com.adguard.filter.proxy;

import com.adguard.commons.io.IoUtils;
import com.adguard.commons.io.SocketChannelInputStream;
import com.adguard.commons.io.SocketChannelOutputStream;
import com.adguard.commons.utils.TlsUtils;
import com.adguard.commons.web.ConnectionProtocol;
import com.adguard.filter.filters.FilteringContext;
import com.adguard.filter.filters.HttpRequestFilter;
import com.adguard.filter.http.HttpMethod;
import com.adguard.filter.http.HttpRequest;
import com.adguard.filter.network.ConnectionFinder;
import com.adguard.filter.network.ConnectionInfo;
import com.adguard.filter.network.LruCache;
import com.adguard.filter.network.TcpListener;
import com.adguard.filter.rules.UrlFilterRule;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.ConnectException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.URL;
import java.nio.channels.SocketChannel;
import java.util.Arrays;
import javax.net.ssl.SSLSocket;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public abstract class BaseHttpsProxyServer extends TcpListener {
    private static final int DOMAIN_CACHE_SIZE = 250;
    private static final Logger LOG = LoggerFactory.getLogger(BaseHttpsProxyServer.class);
    private static final LruCache<String, String> DOMAIN_CACHE = new LruCache<>(250);

    public BaseHttpsProxyServer(String str) {
        super(str);
    }

    public BaseHttpsProxyServer(InetSocketAddress inetSocketAddress) {
        super(inetSocketAddress);
    }

    private String parseDomainNameFromSslCertificate(InetSocketAddress inetSocketAddress) {
        Socket socket;
        SocketChannel socketChannel;
        SSLSocket sSLSocket = null;
        try {
            socketChannel = openSocketChannel(null);
            try {
                socket = socketChannel.socket();
            } catch (Throwable th) {
                th = th;
                socket = null;
            }
            try {
                sSLSocket = TlsUtils.createSslSocket(socket, inetSocketAddress.getAddress().getHostAddress(), inetSocketAddress.getPort());
                String parseDomainNameFromCommonName = TlsUtils.parseDomainNameFromCommonName(sSLSocket);
                IOUtils.closeQuietly(socketChannel);
                IOUtils.closeQuietly(socket);
                IOUtils.closeQuietly((Socket) sSLSocket);
                return parseDomainNameFromCommonName;
            } catch (Throwable th2) {
                th = th2;
                IOUtils.closeQuietly(socketChannel);
                IOUtils.closeQuietly(socket);
                IOUtils.closeQuietly((Socket) sSLSocket);
                throw th;
            }
        } catch (Throwable th3) {
            th = th3;
            socket = null;
            socketChannel = null;
        }
    }

    private void processSslConnection(byte[] bArr, TcpConnectionContext tcpConnectionContext, InetSocketAddress inetSocketAddress, ConnectionInfo connectionInfo) {
        String str;
        boolean z;
        String str2 = null;
        try {
            str2 = TlsUtils.parseDomainNameFromTlsHello(tcpConnectionContext.getId(), bArr);
            LOG.debug("TCP id={} TLS to domain {}. Remote address {}.", Long.valueOf(tcpConnectionContext.getId()), str2, inetSocketAddress);
            str = str2;
        } catch (Exception e) {
            LOG.debug("TCP id={} Cannot parse domain name. Remote address {}.", Long.valueOf(tcpConnectionContext.getId()), inetSocketAddress);
            str = str2;
        }
        if (str != null) {
            DOMAIN_CACHE.put(inetSocketAddress.toString(), str);
        } else {
            String str3 = DOMAIN_CACHE.get(inetSocketAddress.toString());
            if (str3 == null) {
                str = parseDomainNameFromSslCertificate(inetSocketAddress);
                LOG.debug("TCP id={} Parsed domain name from SSL certificate: {}", Long.valueOf(tcpConnectionContext.getId()), str);
                DOMAIN_CACHE.put(inetSocketAddress.toString(), str != null ? str : "");
            } else {
                str = str3;
            }
        }
        try {
            if (isConnectionShouldBeBlocked(tcpConnectionContext, connectionInfo, str)) {
                z = true;
            } else {
                tunnelConnection(tcpConnectionContext, inetSocketAddress, bArr);
                z = false;
            }
            if (StringUtils.isEmpty(str)) {
                str = inetSocketAddress.toString();
            }
            onSslConnectionProcessed(tcpConnectionContext, str, z);
        } catch (Throwable th) {
            if (StringUtils.isEmpty(str)) {
                str = inetSocketAddress.toString();
            }
            onSslConnectionProcessed(tcpConnectionContext, str, false);
            throw th;
        }
    }

    private byte[] readFirstChunk(TcpConnectionContext tcpConnectionContext) {
        try {
            tcpConnectionContext.waitForData();
            if (tcpConnectionContext.getLocalInputStream().available() > 0) {
                byte[] bArr = new byte[tcpConnectionContext.getLocalInputStream().available()];
                if (tcpConnectionContext.getLocalInputStream().read(bArr) < bArr.length) {
                    throw new IOException("Wrong buffer size");
                }
                return bArr;
            }
        } catch (IOException e) {
            LOG.error("TCP id={} Error reading first chunk of data\r\n", Long.valueOf(tcpConnectionContext.getId()), e);
        }
        return null;
    }

    private void tunnelConnection(TcpConnectionContext tcpConnectionContext, InetSocketAddress inetSocketAddress, byte[] bArr) {
        SocketChannelOutputStream socketChannelOutputStream;
        SocketChannelInputStream socketChannelInputStream;
        SocketChannel socketChannel;
        SocketChannel socketChannel2 = null;
        long id = tcpConnectionContext.getId();
        try {
            socketChannel = openSocketChannel(inetSocketAddress);
            try {
                socketChannel.configureBlocking(true);
                socketChannel.socket().connect(inetSocketAddress, 3000);
                socketChannel.configureBlocking(false);
                socketChannelInputStream = new SocketChannelInputStream(socketChannel);
                try {
                    socketChannelOutputStream = new SocketChannelOutputStream(socketChannel);
                    if (bArr != null) {
                        try {
                            socketChannelOutputStream.write(bArr);
                        } catch (IOException e) {
                            e = e;
                            socketChannel2 = socketChannel;
                            try {
                                if (e instanceof ConnectException) {
                                    LOG.warn("TCP id={} Cannot connect to {}", Long.valueOf(id), inetSocketAddress);
                                } else {
                                    LOG.error("TCP id={} Error tunneling to {}\r\n", Long.valueOf(id), inetSocketAddress, e);
                                }
                                IOUtils.closeQuietly(socketChannel2);
                                IOUtils.closeQuietly((InputStream) socketChannelInputStream);
                                IOUtils.closeQuietly((OutputStream) socketChannelOutputStream);
                                return;
                            } catch (Throwable th) {
                                th = th;
                                socketChannel = socketChannel2;
                                IOUtils.closeQuietly(socketChannel);
                                IOUtils.closeQuietly((InputStream) socketChannelInputStream);
                                IOUtils.closeQuietly((OutputStream) socketChannelOutputStream);
                                throw th;
                            }
                        } catch (Throwable th2) {
                            th = th2;
                            IOUtils.closeQuietly(socketChannel);
                            IOUtils.closeQuietly((InputStream) socketChannelInputStream);
                            IOUtils.closeQuietly((OutputStream) socketChannelOutputStream);
                            throw th;
                        }
                    }
                    LOG.debug("TCP id={} Tunneling data to {}", Long.valueOf(id), inetSocketAddress);
                    IoUtils.tunnel(tcpConnectionContext.getLocalSocket(), socketChannel.socket(), tcpConnectionContext.getLocalInputStream(), tcpConnectionContext.getLocalOutputStream(), socketChannelInputStream, socketChannelOutputStream, 1800000);
                    LOG.debug("TCP id={} Tunneling data to {} finished", Long.valueOf(id), inetSocketAddress);
                    IOUtils.closeQuietly(socketChannel);
                    IOUtils.closeQuietly((InputStream) socketChannelInputStream);
                    IOUtils.closeQuietly((OutputStream) socketChannelOutputStream);
                } catch (IOException e2) {
                    e = e2;
                    socketChannelOutputStream = null;
                    socketChannel2 = socketChannel;
                } catch (Throwable th3) {
                    th = th3;
                    socketChannelOutputStream = null;
                }
            } catch (IOException e3) {
                e = e3;
                socketChannelOutputStream = null;
                socketChannelInputStream = null;
                socketChannel2 = socketChannel;
            } catch (Throwable th4) {
                th = th4;
                socketChannelOutputStream = null;
                socketChannelInputStream = null;
            }
        } catch (IOException e4) {
            e = e4;
            socketChannelOutputStream = null;
            socketChannelInputStream = null;
        } catch (Throwable th5) {
            th = th5;
            socketChannelOutputStream = null;
            socketChannelInputStream = null;
            socketChannel = null;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v9, types: [org.slf4j.Logger] */
    /* JADX WARN: Type inference failed for: r1v6, types: [java.lang.Object, java.lang.String] */
    /* JADX WARN: Type inference failed for: r1v7, types: [org.slf4j.Logger] */
    @Override // com.adguard.filter.network.TcpListener
    protected void acceptIncomingConnection(TcpConnectionContext tcpConnectionContext) {
        ConnectionInfo connectionInfo;
        ConnectionInfo connectionInfo2;
        ConnectionInfo connectionInfo3 = null;
        InetSocketAddress inetSocketAddress = null;
        ConnectionInfo connectionInfo4 = null;
        try {
            try {
                try {
                    byte[] readFirstChunk = readFirstChunk(tcpConnectionContext);
                    if (readFirstChunk == null) {
                        ConnectionInfo resolveConnectionInfo = resolveConnectionInfo(tcpConnectionContext.getLocalSocket().getPort());
                        LOG.debug("TCP id={} Client {} has not sent any data to the connection.", Long.valueOf(tcpConnectionContext.getId()), resolveConnectionInfo);
                        if (resolveConnectionInfo != null && resolveConnectionInfo.getDstAddress() != null) {
                            tunnelConnection(tcpConnectionContext, resolveConnectionInfo.getDstAddress(), null);
                        }
                        onConnectionProcessingFinished(resolveConnectionInfo, tcpConnectionContext);
                        connectionInfo3 = resolveConnectionInfo;
                    } else {
                        connectionInfo = resolveConnectionInfo(tcpConnectionContext.getLocalSocket().getPort());
                        if (connectionInfo != null) {
                            try {
                                inetSocketAddress = connectionInfo.getDstAddress();
                            } catch (Exception e) {
                                e = e;
                                connectionInfo4 = connectionInfo;
                                LOG.error("TCP id={} Cannot process this connection:\r\n", Long.valueOf(tcpConnectionContext.getId()), e);
                                onConnectionProcessingFinished(connectionInfo4, tcpConnectionContext);
                                return;
                            } catch (Throwable th) {
                                th = th;
                                onConnectionProcessingFinished(connectionInfo, tcpConnectionContext);
                                throw th;
                            }
                        }
                        if (isConnectionAllowed(connectionInfo)) {
                            logConnection(tcpConnectionContext.getId(), connectionInfo);
                            if (inetSocketAddress == null) {
                                ?? parseDomainNameFromTlsHello = TlsUtils.parseDomainNameFromTlsHello(tcpConnectionContext.getId(), readFirstChunk);
                                if (parseDomainNameFromTlsHello != 0) {
                                    LOG.warn("TCP id={} Cannot detect remote address for {}", Long.valueOf(tcpConnectionContext.getId()), parseDomainNameFromTlsHello);
                                    connectionInfo2 = parseDomainNameFromTlsHello;
                                } else {
                                    ?? r1 = LOG;
                                    r1.warn("TCP id={} Cannot detect remote address. Incoming data is {}", Long.valueOf(tcpConnectionContext.getId()), Arrays.toString(readFirstChunk));
                                    connectionInfo2 = r1;
                                }
                                onConnectionProcessingFinished(connectionInfo, tcpConnectionContext);
                                connectionInfo3 = connectionInfo2;
                            } else {
                                LOG.debug("TCP id={} First chunk length is {}", Long.valueOf(tcpConnectionContext.getId()), Integer.valueOf(readFirstChunk.length));
                                if (readFirstChunk.length <= 52) {
                                    tunnelConnection(tcpConnectionContext, inetSocketAddress, readFirstChunk);
                                    onConnectionProcessingFinished(connectionInfo, tcpConnectionContext);
                                    connectionInfo3 = inetSocketAddress;
                                } else {
                                    processSslConnection(readFirstChunk, tcpConnectionContext, inetSocketAddress, connectionInfo);
                                    onConnectionProcessingFinished(connectionInfo, tcpConnectionContext);
                                    connectionInfo3 = inetSocketAddress;
                                }
                            }
                        } else {
                            onConnectionProcessingFinished(connectionInfo, tcpConnectionContext);
                            connectionInfo3 = inetSocketAddress;
                        }
                    }
                } catch (Throwable th2) {
                    th = th2;
                    connectionInfo = null;
                }
            } catch (Exception e2) {
                e = e2;
            }
        } catch (Throwable th3) {
            th = th3;
            connectionInfo = connectionInfo3;
        }
    }

    protected boolean isConnectionAdFilteringAllowed(ConnectionInfo connectionInfo) {
        return true;
    }

    protected boolean isConnectionAllowed(ConnectionInfo connectionInfo) {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isConnectionDomainAllowed(TcpConnectionContext tcpConnectionContext, String str, ConnectionInfo connectionInfo) {
        if (StringUtils.isEmpty(str)) {
            return true;
        }
        try {
            HttpRequest httpRequest = new HttpRequest(HttpMethod.GET, new URL("https://" + str + UrlFilterRule.MASK_REGEX_RULE));
            FilteringContext filteringContext = new FilteringContext(httpRequest);
            HttpRequestFilter httpRequestFilter = HttpFilterHolder.getInstance().getHttpRequestFilter();
            boolean z = (httpRequestFilter == null ? null : httpRequestFilter.filterRequest(httpRequest, filteringContext)) != null;
            if (z) {
                onHttpResponseBlocked(connectionInfo, filteringContext);
            }
            return !z;
        } catch (Exception e) {
            LOG.error("TCP id={} Error while filtering domain {}\r\n", Long.valueOf(tcpConnectionContext.getId()), str, e);
            return true;
        }
    }

    protected boolean isConnectionShouldBeBlocked(TcpConnectionContext tcpConnectionContext, ConnectionInfo connectionInfo, String str) {
        return isConnectionAdFilteringAllowed(connectionInfo) && !isConnectionDomainAllowed(tcpConnectionContext, str, connectionInfo);
    }

    protected abstract void logConnection(long j, ConnectionInfo connectionInfo);

    protected abstract void onConnectionProcessingFinished(ConnectionInfo connectionInfo, TcpConnectionContext tcpConnectionContext);

    protected abstract void onHttpResponseBlocked(ConnectionInfo connectionInfo, FilteringContext filteringContext);

    protected abstract void onSslConnectionProcessed(TcpConnectionContext tcpConnectionContext, String str, boolean z);

    /* JADX INFO: Access modifiers changed from: protected */
    public SocketChannel openSocketChannel(InetSocketAddress inetSocketAddress) {
        return SocketChannel.open();
    }

    protected ConnectionInfo resolveConnectionInfo(int i) {
        return ConnectionFinder.findConnectionInfo(i, ConnectionProtocol.TCP);
    }
}
