package org.eu.mayrhofer.channel;

import java.io.BufferedWriter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.util.LinkedList;
import java.util.StringTokenizer;
import org.apache.commons.codec.binary.Hex;
import org.apache.log4j.Logger;
import org.xmlpull.v1.XmlPullParser;

/* loaded from: input_file:org/eu/mayrhofer/channel/IPSecConnection_Openswan.class */
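/**
 * {@link IPSecConnection} implementation that drives Openswan through the
 * {@code /usr/sbin/ipsec} command and per-connection files in
 * {@code /etc/ipsec.d/dynamic/}.
 *
 * <p>For every remote host two files are written: {@code <remoteHost>.conf} with the
 * connection descriptions and {@code <remoteHost>.psk} with the pre-shared key. The
 * remote host string therefore ends up in a file name, in ipsec.conf syntax and in
 * command arguments, so {@link #init(String, String, int)} only accepts host and
 * network strings made of host-name/address characters.
 *
 * <p>Instances keep mutable state ({@code remoteHost}, {@code localAddr}) without any
 * synchronization visible in this class.
 */
class IPSecConnection_Openswan implements IPSecConnection {
    private static final Logger logger = Logger.getLogger(IPSecConnection_Openswan.class);

    public static final String CONN = "conn";
    public static final String LEFTSUBNET = "leftsubnet";
    public static final String RIGHTSUBNET = "rightsubnet";
    public static final String EROUTED = "erouted";
    public static final String EROUTED_HOLD = "erouted HOLD";
    public static final String UNROUTET = "unrouted";
    public static final String IPSEC_ESTABLISHED = "IPsec SA established";

    /** Status values returned by {@link #getConnStatus(String)}. */
    public static final int RUNNING = 1;
    public static final int STANDBY = 0;
    public static final int DEACTIVATED = -1;

    /** Directory holding the generated per-connection files. */
    private static final String DYNAMIC_CONFIG_DIR = "/etc/ipsec.d/dynamic/";
    /** Absolute path of the Openswan control command; never resolved through PATH. */
    private static final String IPSEC_COMMAND = "/usr/sbin/ipsec";
    /** Punctuation accepted in a host or network address besides letters and digits. */
    private static final String HOST_PUNCTUATION = ".-_:%";

    /** "address/prefix" of the remote network, or null for transport mode. */
    private String remoteNetwork;
    // Names of Openswan's built-in policy groups; only filled in the constructor here.
    private LinkedList ignoredConns = new LinkedList();
    private String remoteHost = null;
    private boolean persistent = false;
    /** Local address of the connection that was brought up, null until start() succeeds. */
    private String localAddr = null;

    public IPSecConnection_Openswan() {
        this.ignoredConns.add("private");
        this.ignoredConns.add("block");
        this.ignoredConns.add("private-or-clear");
        this.ignoredConns.add("clear");
        this.ignoredConns.add("packetdefault");
        this.ignoredConns.add("clear-or-private");
    }

    /**
     * Builds the connection name {@code auto-<str>-<str2>} with every '.' replaced by '_'.
     *
     * @param str local address
     * @param str2 remote host
     * @return the connection name used in the config file and in ipsec commands
     */
    protected String createConnName(String str, String str2) {
        return "auto-" + str.replace('.', '_') + "-" + str2.replace('.', '_');
    }

    /**
     * Initializes the connection to a remote host.
     *
     * @param str remote host
     * @param z when true the remote network is set to {@code 0.0.0.0/0} (tunnel mode),
     *     when false no remote network is set (transport mode)
     * @return true when the instance was initialized
     */
    @Override // org.eu.mayrhofer.channel.SecureChannel
    public boolean init(String str, boolean z) {
        return !z ? init(str, null, 0) : init(str, "0.0.0.0", 0);
    }

    /**
     * Initializes the connection to a remote host and, optionally, a remote network.
     *
     * @param str remote host; must consist of letters, digits and {@code . - _ : %} only
     * @param str2 remote network address, or null for a host-to-host connection
     * @param i prefix length appended to {@code str2}
     * @return false when already initialized or when an argument is rejected
     */
    @Override // org.eu.mayrhofer.channel.IPSecConnection
    public boolean init(String str, String str2, int i) {
        if (this.remoteHost != null) {
            logger.error("Can not initialize connection with remote '" + str + "', already initialized with '" + this.remoteHost + "'");
            return false;
        }
        // The host becomes part of a path under /etc/ipsec.d/dynamic/ and of ipsec.conf
        // lines, so path separators, quotes and line breaks must never get through.
        // The rejected value itself is not logged, to keep the log free of raw input.
        if (str != null && !isHostToken(str)) {
            logger.error("Can not initialize connection: remote host contains characters that are not allowed in a host name or address");
            return false;
        }
        if (str2 != null && !isHostToken(str2)) {
            logger.error("Can not initialize connection: remote network contains characters that are not allowed in an address");
            return false;
        }
        this.remoteHost = str;
        this.remoteNetwork = str2 != null ? str2 + "/" + i : null;
        logger.info("Initialized with remote '" + this.remoteHost + "', network '" + this.remoteNetwork + "'");
        return true;
    }

    /**
     * Starts the connection with pre-shared-key authentication.
     *
     * @param bArr shared secret; written hex-encoded to the .psk file
     * @param z true to create a persistent connection ({@code auto=start})
     * @return true when the connection is established afterwards
     */
    @Override // org.eu.mayrhofer.channel.SecureChannel
    public boolean start(byte[] bArr, boolean z) {
        return start(bArr, null, z);
    }

    /**
     * Starts the connection with certificate authentication.
     *
     * @param str value written as {@code rightca}; may be null
     * @param z true to create a persistent connection ({@code auto=start})
     * @return true when the connection is established afterwards
     */
    @Override // org.eu.mayrhofer.channel.IPSecConnection
    public boolean start(String str, boolean z) {
        return start(null, str, z);
    }

    /**
     * Writes the config and secrets files and tries each local address in turn until
     * one connection can be added and brought up.
     *
     * @param sharedSecret pre-shared key, or null for certificate authentication
     * @param caName value for {@code rightca}, or null
     * @param keepAfterDispose stored as the persistent flag and selects {@code auto=start}
     * @return result of {@link #isEstablished()} for the first address that worked,
     *     false when nothing could be set up
     */
    private boolean start(byte[] sharedSecret, String caName, boolean keepAfterDispose) {
        if (this.remoteHost == null) {
            logger.error("Can not start connection, remoteHost not yet set");
            return false;
        }
        if (sharedSecret != null && caName != null) {
            logger.error("Can't use both secret key and X.509 certificate authentication");
            return false;
        }
        // caName is written between double quotes into the config file; a quote or a
        // line break inside it would end the value and start a new directive.
        if (caName != null && !isQuotableValue(caName)) {
            logger.error("Can not start connection: CA name contains a double quote or control character");
            return false;
        }
        this.persistent = keepAfterDispose;
        logger.debug("Trying to create " + (keepAfterDispose ? "persistent" : "temporary")
                + " ipsec connection to host " + this.remoteHost
                + (this.remoteNetwork != null ? " to remote network " + this.remoteNetwork : ""));

        File configFile = dynamicFile(".conf");
        if (configFile.exists()) {
            logger.error("Unable to create IPSec connection to " + this.remoteHost + ": " + configFile + " already exists.");
            return false;
        }
        File secretsFile = dynamicFile(".psk");
        // Check the secrets file itself (the config file was already checked above).
        if (secretsFile.exists()) {
            logger.error("Unable to create IPSec connection to " + this.remoteHost + ": " + secretsFile + " already exists.");
            return false;
        }

        BufferedWriter configWriter = null;
        BufferedWriter secretsWriter = null;
        try {
            logger.info("Creating config files " + configFile + " and " + secretsFile);
            if (!configFile.createNewFile()) {
                logger.error("Unable to create IPSec connection to " + this.remoteHost + ": " + configFile + " could not be created.");
                return false;
            }
            configWriter = new BufferedWriter(new FileWriter(configFile));
            if (!secretsFile.createNewFile()) {
                logger.error("Unable to create IPSec connection to " + this.remoteHost + ": " + secretsFile + " could not be created.");
                closeQuietly(configWriter);
                configFile.delete();
                return false;
            }
            // Tighten permissions while the file is still empty, before the key goes in.
            restrictToOwner(secretsFile);
            secretsWriter = new BufferedWriter(new FileWriter(secretsFile));

            logger.info("Creating one connection description for each of the local IP addresses");
            LinkedList localAddresses = Helper.getAllLocalIps();
            while (!localAddresses.isEmpty()) {
                String localAddress = (String) localAddresses.removeFirst();
                String connName = createConnName(localAddress, this.remoteHost);
                logger.debug("Using local address " + localAddress);

                configWriter.write("conn " + connName + "\n");
                configWriter.write("    left=" + localAddress + "\n");
                if (sharedSecret != null) {
                    configWriter.write("    authby=secret\n");
                    configWriter.write("    leftcert=\n");
                } else {
                    configWriter.write("    authby=cert\n");
                    if (caName != null) {
                        configWriter.write("    rightca=\"" + caName + "\"\n");
                    }
                }
                configWriter.write("    right=" + this.remoteHost + "\n");
                configWriter.write("    auto=" + (keepAfterDispose ? "start" : "add") + "\n");
                if (this.remoteNetwork == null) {
                    configWriter.write("    type=transport\n");
                } else {
                    configWriter.write("    type=tunnel\n");
                    configWriter.write("    rightsubnet=" + this.remoteNetwork + "\n");
                }
                configWriter.flush();

                if (sharedSecret != null) {
                    // The key is only ever written to the secrets file, never logged.
                    secretsWriter.write(localAddress + " " + this.remoteHost + " : PSK \""
                            + new String(Hex.encodeHex(sharedSecret)) + "\"\n");
                    secretsWriter.flush();
                }

                try {
                    // Arguments are passed as an array, so no shell parses them.
                    Command.executeCommand(new String[]{IPSEC_COMMAND, "secrets"}, null, null);
                    Command.executeCommand(new String[]{IPSEC_COMMAND, "auto", "--add", connName}, null, null);
                    try {
                        Command.executeCommand(new String[]{IPSEC_COMMAND, "auto", "--asynchronous", "--up", connName}, null, null);
                    } catch (ExitCodeException e) {
                        // A non-zero exit of "--up" is tolerated; isEstablished() below decides.
                        logger.debug("Trying to take ipsec up resulted in error code different from 0:" + e);
                    }
                    this.localAddr = localAddress;
                    configWriter.close();
                    secretsWriter.close();
                    logger.info("Established connection from " + localAddress + " to " + this.remoteHost);
                    return isEstablished();
                } catch (ExitCodeException e) {
                    logger.error("Command failed: " + e);
                    try {
                        Command.executeCommand(new String[]{IPSEC_COMMAND, "auto", "--delete", connName}, null, null);
                    } catch (ExitCodeException ignored) {
                        // Best-effort removal of a connection that may never have been added.
                        logger.debug("Removing connection " + connName + " failed: " + ignored);
                    }
                }
            }

            configWriter.close();
            secretsWriter.close();
            logger.error("None of the connections could be established, cleaning up");
            configFile.delete();
            secretsFile.delete();
            rereadSecretsQuietly();
            return false;
        } catch (IOException e) {
            logger.error("Could not execute command, handle files, or get list of local addresses: " + e);
            closeQuietly(configWriter);
            closeQuietly(secretsWriter);
            if (configFile.exists()) {
                configFile.delete();
            }
            // Remove the key material too; check the secrets file, not the config file.
            if (secretsFile.exists()) {
                secretsFile.delete();
            }
            rereadSecretsQuietly();
            return false;
        } finally {
            // Covers every early return above; closing an already closed writer is a no-op.
            closeQuietly(configWriter);
            closeQuietly(secretsWriter);
        }
    }

    /**
     * Takes the connection down, deletes both generated files and lets Openswan
     * re-read its secrets.
     *
     * @return true when the files were removed and the connection is no longer established
     */
    @Override // org.eu.mayrhofer.channel.SecureChannel
    public boolean stop() {
        if (this.remoteHost == null) {
            logger.error("Unable to stop IPSec connection, it has not been initialized yet (don't know which remote host to work on)");
            return false;
        }
        File configFile = dynamicFile(".conf");
        if (!configFile.exists()) {
            logger.error("Unable to stop IPSec connection to " + this.remoteHost + ": " + configFile + " does not exists.");
            return false;
        }
        File secretsFile = dynamicFile(".psk");
        if (!secretsFile.exists()) {
            logger.error("Unable to stop IPSec connection to " + this.remoteHost + ": " + secretsFile + " does not exists.");
            return false;
        }
        try {
            if (this.localAddr != null) {
                Command.executeCommand(new String[]{IPSEC_COMMAND, "auto", "--delete", createConnName(this.localAddr, this.remoteHost)}, null, null);
            } else {
                logger.info("Skipping to take the connection down, it does not seem to have been started.");
            }
        } catch (IOException e) {
            // Keep going: the files, including the key, are still removed below.
            logger.error("Could not execute command: " + e);
        } catch (ExitCodeException e) {
            logger.error("Could not execute command: " + e);
        }
        if (!configFile.delete()) {
            logger.error("Unable to stop IPSec connection to " + this.remoteHost + ": " + configFile + " could not be deleted.");
            return false;
        }
        if (!secretsFile.delete()) {
            logger.error("Unable to stop IPSec connection to " + this.remoteHost + ": " + secretsFile + " could not be deleted.");
            return false;
        }
        try {
            Command.executeCommand(new String[]{IPSEC_COMMAND, "secrets"}, null, null);
            return !isEstablished();
        } catch (IOException e) {
            logger.error("Could not execute command: " + e);
            return false;
        } catch (ExitCodeException e) {
            logger.error("Could not execute command: " + e);
            return false;
        }
    }

    /**
     * Reports whether the connection started by this instance is up.
     *
     * @return true only when {@link #getConnStatus(String)} returns {@link #RUNNING};
     *     false before start() succeeded or when the status command fails
     */
    @Override // org.eu.mayrhofer.channel.SecureChannel
    public boolean isEstablished() {
        if (this.remoteHost == null || this.localAddr == null) {
            return false;
        }
        try {
            return getConnStatus(createConnName(this.localAddr, this.remoteHost)) == RUNNING;
        } catch (IOException e) {
            logger.error("Could not execute command: " + e);
            return false;
        } catch (ExitCodeException e) {
            logger.error("Could not execute command: " + e);
            return false;
        }
    }

    /**
     * Certificate import is not implemented by this class.
     *
     * @return always -1
     */
    @Override // org.eu.mayrhofer.channel.IPSecConnection
    public int importCertificate(String str, String str2, boolean z) {
        return -1;
    }

    /** Stops the connection unless it is uninitialized or was started as persistent. */
    public void dispose() {
        if (this.remoteHost == null || this.persistent) {
            return;
        }
        stop();
    }

    /**
     * Parses the output of {@code ipsec auto --status} for one connection.
     *
     * @param str connection name as produced by {@link #createConnName(String, String)}
     * @return {@link #RUNNING} when an "IPsec SA established" line mentions the
     *     connection or its route line says "erouted"; {@link #STANDBY} for "unrouted"
     *     or "erouted HOLD"; {@link #DEACTIVATED} otherwise
     * @throws ExitCodeException when the status command reports a failure
     * @throws IOException when the status command cannot be run
     */
    protected int getConnStatus(String str) throws ExitCodeException, IOException {
        String statusOutput = Command.executeCommand(new String[]{IPSEC_COMMAND, "auto", "--status"}, null, null);
        // The same trimmed name is used for both kinds of status line.
        String connName = str.trim();
        String routeLinePrefix = "000 \"" + connName + "\"";

        int routeState = DEACTIVATED;
        boolean routeStateFound = false;
        boolean saEstablished = false;

        StringTokenizer lines = new StringTokenizer(statusOutput, "\n");
        while (lines.hasMoreTokens()) {
            String line = lines.nextToken();
            if (!routeStateFound && line.startsWith(routeLinePrefix)) {
                // "erouted HOLD" has to be tested before the plain "erouted" substring.
                if (line.indexOf(UNROUTET) != -1 || line.indexOf(EROUTED_HOLD) != -1) {
                    routeStateFound = true;
                    routeState = STANDBY;
                } else if (line.indexOf(EROUTED) != -1) {
                    routeStateFound = true;
                    routeState = RUNNING;
                } else {
                    routeState = DEACTIVATED;
                }
            }
            // NOTE(review): substring match; a longer connection name that contains this
            // one would match as well - confirm against the real status output format.
            if (!saEstablished && line.startsWith("000 #") && line.indexOf(connName) != -1
                    && line.indexOf(IPSEC_ESTABLISHED) != -1) {
                saEstablished = true;
            }
        }
        // An established SA wins over whatever the route line said.
        return saEstablished ? RUNNING : routeState;
    }

    /** Returns the generated file for the current remote host with the given suffix. */
    private File dynamicFile(String suffix) {
        return new File(DYNAMIC_CONFIG_DIR + this.remoteHost + suffix);
    }

    /** Accepts non-empty strings of letters, digits and {@code . - _ : %}. */
    private static boolean isHostToken(String value) {
        if (value.length() == 0) {
            return false;
        }
        for (int idx = 0; idx < value.length(); idx++) {
            char c = value.charAt(idx);
            if (!Character.isLetterOrDigit(c) && HOST_PUNCTUATION.indexOf(c) < 0) {
                return false;
            }
        }
        return true;
    }

    /** Accepts strings without double quotes and without control characters. */
    private static boolean isQuotableValue(String value) {
        for (int idx = 0; idx < value.length(); idx++) {
            char c = value.charAt(idx);
            if (c == '"' || c < ' ' || c == 0x7f) {
                return false;
            }
        }
        return true;
    }

    /** Makes the file readable and writable by its owner only; logs when that fails. */
    private static void restrictToOwner(File file) {
        boolean restricted = file.setReadable(false, false);
        restricted &= file.setWritable(false, false);
        restricted &= file.setExecutable(false, false);
        restricted &= file.setReadable(true, true);
        restricted &= file.setWritable(true, true);
        if (!restricted) {
            logger.warn("Could not restrict permissions of " + file + " to its owner");
        }
    }

    /** Closes the writer if it was opened; a failure here is logged and not propagated. */
    private static void closeQuietly(BufferedWriter writer) {
        if (writer == null) {
            return;
        }
        try {
            writer.close();
        } catch (IOException ignored) {
            // Cleanup path only: the caller is already returning a result.
            logger.debug("Closing writer failed: " + ignored);
        }
    }

    /** Lets Openswan re-read its secrets after cleanup; failures are logged only. */
    private static void rereadSecretsQuietly() {
        try {
            Command.executeCommand(new String[]{IPSEC_COMMAND, "secrets"}, null, null);
        } catch (IOException e) {
            logger.debug("Re-reading ipsec secrets failed: " + e);
        } catch (ExitCodeException e) {
            logger.debug("Re-reading ipsec secrets failed: " + e);
        }
    }
}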
