package com.trendmicro.proxy.nginx;

import android.content.Context;
import android.os.AsyncTask;
import android.util.Base64;
import android.util.Log;
import com.trendmicro.vpn.common.VersionInfo;
import com.trendmicro.vpn.common.VpnSqliteAdapter;
import com.trendmicro.vpn.common.data.VpnCommandsConstants;
import com.trendmicro.vpn.error.PackageChecker;
import com.trendmicro.vpn.mup.MUPAccount;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileFilter;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.ServerSocket;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.logging.Logger;
import org.strongswan.android.logic.TrustedCertificateManager;
import org.xmlpull.v1.XmlPullParser;

/* loaded from: classes.dex */
public class NginxConfigureTask extends AsyncTask {
    public static final String DIRECTPASS_CERT_FILENAME = "dp.crt";
    public static final String NGINX_CACERT_FILENAME = "rootca.crt";
    public static final String NGINX_CAKEY_FILENAME = "rootca.key";
    public static final String NGINX_CONF_FILENAME = "nginx.conf";
    public static final String NGINX_MIMETYPES_FILENAME = "mime.types";
    private static final int READ_BUFFER_SIZE = 1024;
    private static final int ROOTCA_BUFFER_SIZE = 8192;
    private static final String TAG = "NginxConfigureTask";
    private static String caCert;
    private static String caKey;
    private String PROXY_DNS = "8.8.8.8 8.8.4.4";
    private String PROXY_DNS_PRIMARY = XmlPullParser.NO_NAMESPACE;
    private File certDirectory;
    private File certTempDirectory;
    private File certTrustedDirectory;
    private File confDirectory;
    private File logsDirectory;
    private File nginxDirectory;
    private static Logger logger = Logger.getLogger("nginx.android");
    private static int HTTP_PROXY_PORT = 35428;
    private static int HTTPS_PROXY_PORT = 35429;
    public static String DP_SERVER = "pwm-mubeta.trendmicro.com";
    public static boolean enableDP = false;
    public static boolean enableTMMS = false;

    public NginxConfigureTask() {
    }

    public NginxConfigureTask(File file) {
        this.nginxDirectory = file;
        this.logsDirectory = new File(this.nginxDirectory, "logs");
        this.confDirectory = new File(this.nginxDirectory, "conf");
        this.certDirectory = new File(this.nginxDirectory, "conf/certs");
        this.certTempDirectory = new File(this.nginxDirectory, "conf/certs/temp");
        this.certTrustedDirectory = new File(this.nginxDirectory, "conf/certs/trustedca");
    }

    private void cleanDirectoryFiles(File file) {
        if (file != null && file.exists() && file.isDirectory()) {
            Log.d(TAG, ">>>>> clean directory files:" + file.getAbsolutePath());
            String[] list = file.list();
            if (list != null) {
                for (String str : list) {
                    File file2 = new File(file, str);
                    if (file2.isFile()) {
                        file2.delete();
                    }
                }
            }
        }
    }

    private void cleanNgxRootCA() {
        cleanDirectoryFiles(this.certDirectory);
    }

    private void cleanNgxTrustedCerts() {
        cleanDirectoryFiles(this.certTrustedDirectory);
    }

    /* JADX WARN: Removed duplicated region for block: B:30:0x0061 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void copyNginxConf(java.io.InputStream r6, java.io.File r7) {
        /*
            r5 = this;
            java.lang.String r0 = "NginxConfigureTask"
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r1.<init>()
            java.lang.String r2 = "copy nginx config dest:"
            java.lang.StringBuilder r1 = r1.append(r2)
            java.lang.String r2 = r7.getPath()
            java.lang.StringBuilder r1 = r1.append(r2)
            java.lang.String r1 = r1.toString()
            android.util.Log.d(r0, r1)
            r2 = 0
            java.io.FileOutputStream r1 = new java.io.FileOutputStream     // Catch: java.lang.Throwable -> L7b java.io.IOException -> L7e
            r1.<init>(r7)     // Catch: java.lang.Throwable -> L7b java.io.IOException -> L7e
            r0 = 1024(0x400, float:1.435E-42)
            byte[] r0 = new byte[r0]     // Catch: java.io.IOException -> L37 java.lang.Throwable -> L5e
        L26:
            int r2 = r6.read(r0)     // Catch: java.io.IOException -> L37 java.lang.Throwable -> L5e
            if (r2 >= 0) goto L32
            if (r1 == 0) goto L31
            r1.close()     // Catch: java.io.IOException -> L65
        L31:
            return
        L32:
            r3 = 0
            r1.write(r0, r3, r2)     // Catch: java.io.IOException -> L37 java.lang.Throwable -> L5e
            goto L26
        L37:
            r0 = move-exception
        L38:
            java.util.logging.Logger r2 = com.trendmicro.proxy.nginx.NginxConfigureTask.logger     // Catch: java.lang.Throwable -> L5e
            java.lang.String r3 = r0.toString()     // Catch: java.lang.Throwable -> L5e
            r2.severe(r3)     // Catch: java.lang.Throwable -> L5e
            java.lang.String r2 = "NginxConfigureTask"
            java.lang.StringBuilder r3 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L5e
            r3.<init>()     // Catch: java.lang.Throwable -> L5e
            java.lang.String r4 = "copy nginx config error:"
            java.lang.StringBuilder r3 = r3.append(r4)     // Catch: java.lang.Throwable -> L5e
            java.lang.String r4 = r0.toString()     // Catch: java.lang.Throwable -> L5e
            java.lang.StringBuilder r3 = r3.append(r4)     // Catch: java.lang.Throwable -> L5e
            java.lang.String r3 = r3.toString()     // Catch: java.lang.Throwable -> L5e
            android.util.Log.d(r2, r3)     // Catch: java.lang.Throwable -> L5e
            throw r0     // Catch: java.lang.Throwable -> L5e
        L5e:
            r0 = move-exception
        L5f:
            if (r1 == 0) goto L64
            r1.close()     // Catch: java.io.IOException -> L70
        L64:
            throw r0
        L65:
            r0 = move-exception
            java.util.logging.Logger r1 = com.trendmicro.proxy.nginx.NginxConfigureTask.logger
            java.lang.String r0 = r0.toString()
            r1.warning(r0)
            goto L31
        L70:
            r1 = move-exception
            java.util.logging.Logger r2 = com.trendmicro.proxy.nginx.NginxConfigureTask.logger
            java.lang.String r1 = r1.toString()
            r2.warning(r1)
            goto L64
        L7b:
            r0 = move-exception
            r1 = r2
            goto L5f
        L7e:
            r0 = move-exception
            r1 = r2
            goto L38
        */
        throw new UnsupportedOperationException("Method not decompiled: com.trendmicro.proxy.nginx.NginxConfigureTask.copyNginxConf(java.io.InputStream, java.io.File):void");
    }

    private String genDirectPassHeaderConfig(boolean z) {
        if (DP_SERVER == null || DP_SERVER.length() == 0) {
            return XmlPullParser.NO_NAMESPACE;
        }
        String str = XmlPullParser.NO_NAMESPACE;
        String str2 = XmlPullParser.NO_NAMESPACE;
        String str3 = XmlPullParser.NO_NAMESPACE;
        int i = HTTP_PROXY_PORT;
        if (z) {
            i = HTTPS_PROXY_PORT;
            str = getHTTPsConfig();
            str2 = "\t\t\t\tproxy_set_header X-YAMATO-AUTHKEY " + MUPAccount.authKey + ";\t\n\t\t\t\tproxy_set_header X-YAMATO-ACCOUNTID " + MUPAccount.accountID + ";\t\n\t\t\t\tproxy_set_header X-YAMATO-PID " + MUPAccount.pID + ";\t\t\n\t\t\t\tproxy_set_header X-YAMATO-LOCALE " + MUPAccount.locale + ";\t\n\t\t\t\tproxy_set_header X-YAMATO-GUID " + MUPAccount.deviceGUID + ";\t\n" + XmlPullParser.NO_NAMESPACE;
            str3 = "\t\t\t\tproxy_ssl_verify on;\t\t\t\t\t\t\t\n\t\t\t\tproxy_ssl_verify_depth 3;\t\t\t\t\t\t\n\t\t\t\tproxy_ssl_trusted_certificate certs/dp.crt;\n";
        }
        return (XmlPullParser.NO_NAMESPACE + "   \tupstream " + DP_SERVER + " {                    \n\t\t\tserver " + DP_SERVER + ":443;\t\t\t\t\n \t\tkeepalive 10;\t\t\t\t\t\t\t\n\t  \t}\t\t\t\t\t\t\t\t\t\t\t\n") + "\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\tserver {\t\t\t\t\t\t\t\t\t\n\t\t\tlisten       127.0.0.1:" + i + ";\t\t\t\n\t\t\tserver_name  " + DP_SERVER + ";\t\t\n\t\t\t" + str + "\t\t\t\t\t\t\t\n\t\t\tlocation / {\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t" + getNginxGZIPConfig() + "\t\t\t\t\n\t\t\t\tproxy_pass      " + getProxyPassConfig() + ";\t\n\t\t\t\tproxy_buffers   256 16k;\t\t\t\t\t\t\n\t\t\t\tproxy_buffer_size   16k;\t\t\t\t\n\t\t\t\tproxy_max_temp_file_size        0k;\t\t\n\t\t\t\tproxy_http_version 1.1;\t\t\t\t\t\n\t\t\t\tproxy_set_header Connection \"\";\t\t\n\t\t\t\t" + str2 + "\t\t\t\t\t\t\t\n\t\t\t\t" + str3 + "\t\t\t\t\t\t\t\t\n\t\t\t\t" + getDirectPassConfig(true) + "\t\t\t\t\t\n\t\t\t}\t\t\t\t\t\t\t\t\t\t\t\n\t\t}\t\t\t\t\t\t\t\t\t\t\t\t\n";
    }

    private boolean generateDPCert() {
        File file = new File(this.certDirectory, DIRECTPASS_CERT_FILENAME);
        if (file.exists()) {
            return true;
        }
        return generateFile(getDPCert(), file);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private boolean generateFile(String str, File file) {
        ByteArrayInputStream byteArrayInputStream;
        String str2;
        boolean z = false;
        ByteArrayInputStream byteArrayInputStream2 = null;
        byteArrayInputStream2 = null;
        byteArrayInputStream2 = null;
        ByteArrayInputStream byteArrayInputStream3 = null;
        try {
            try {
                try {
                    byteArrayInputStream = new ByteArrayInputStream(str.getBytes("UTF-8"));
                    try {
                        copyNginxConf(byteArrayInputStream, file);
                        z = true;
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (IOException e) {
                                StringBuilder append = new StringBuilder().append("can not close input stream of ").append(file.getName()).append(": ");
                                Log.e(TAG, append.append(e.getMessage()).toString());
                                byteArrayInputStream2 = append;
                            }
                        }
                    } catch (UnsupportedEncodingException e2) {
                        e = e2;
                        Log.e(TAG, "can not generate " + file.getName() + ": " + e.getMessage());
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (IOException e3) {
                                Log.e(TAG, "can not close input stream of " + file.getName() + ": " + e3.getMessage());
                            }
                        }
                        str2 = "generateFile result : " + z;
                        Log.d(TAG, str2);
                        return z;
                    } catch (IOException e4) {
                        e = e4;
                        byteArrayInputStream3 = byteArrayInputStream;
                        Log.e(TAG, "can not generate " + file.getName() + ": " + e.getMessage());
                        byteArrayInputStream2 = byteArrayInputStream3;
                        if (byteArrayInputStream3 != null) {
                            try {
                                byteArrayInputStream3.close();
                                byteArrayInputStream2 = byteArrayInputStream3;
                            } catch (IOException e5) {
                                StringBuilder append2 = new StringBuilder().append("can not close input stream of ").append(file.getName()).append(": ");
                                Log.e(TAG, append2.append(e5.getMessage()).toString());
                                byteArrayInputStream2 = append2;
                            }
                        }
                        str2 = "generateFile result : " + z;
                        Log.d(TAG, str2);
                        return z;
                    }
                } catch (Throwable th) {
                    th = th;
                    if (byteArrayInputStream2 != null) {
                        try {
                            byteArrayInputStream2.close();
                        } catch (IOException e6) {
                            Log.e(TAG, "can not close input stream of " + file.getName() + ": " + e6.getMessage());
                        }
                    }
                    throw th;
                }
            } catch (UnsupportedEncodingException e7) {
                e = e7;
                byteArrayInputStream = null;
            } catch (IOException e8) {
                e = e8;
            }
            str2 = "generateFile result : " + z;
            Log.d(TAG, str2);
            return z;
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream2 = str2;
        }
    }

    private synchronized String getCAKey() {
        if (caKey == null) {
            updateRootCA();
        }
        return caKey;
    }

    private String getDPCert() {
        return "-----BEGIN CERTIFICATE-----\nMIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV\nBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln\nbiBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF\nMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT\nd2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC\nCgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUqt2/8\n76LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+\nbbqBHH5CjCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c\n6bM8K8vzARO/Ws/BtQpgvd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqE\nemA8atufK+ze3gE/bk3lUIbLtK/tREDFylqM2tIrfKjuvqblCqoOpd8FUrdVxyJd\nMmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvRAiTysybUa9oEVeXBCsdt\nMDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuendjIj3o02y\nMszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69y\nFGkOpeUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPi\naG59je883WX0XaxR7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxM\ngI93e2CaHt+28kgeDrpOVG2Y4OGiGqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCB\nqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWyV7\nlqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn\n8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov\nL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe6\n45R88a7A3hfm5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczO\nUYrHUDFu4Up+GC9pWbY9ZIEr44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5\nO1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOfMke6UiI0HTJ6CVanfCU2qT1L2sCC\nbwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6mGu6uLftIdxf+u+yv\nGPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxpmo/a\n77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCC\nhdiDyyJkvC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid3\n92qgQmwLOM7XdVAyksLfKzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEpp\nLd6leNcG2mqeSz53OiATIgHQv2ieY2BrNU0LbbqhPcCT4H8js1WtciVORvnSFu+w\nZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt\nQc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ\n-----END CERTIFICATE-----";
    }

    private String getDirectPassConfig(boolean z) {
        String str = "<script type=\"text/javascript\">var yamatoInfo={proxyType:\"android\",proxyVersion:\"" + VersionInfo.getFullVerString() + "\",PID:\"" + MUPAccount.pID + "\"}</script>";
        String str2 = "<script src=\"https://" + DP_SERVER + "/extensionFrame/content_script.js\"></script>";
        if (!z) {
            str = str + str2;
        }
        return enableDP ? XmlPullParser.NO_NAMESPACE + "\t\t\t\t\t\t\tsub_filter   >\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t'>" + str + "';\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tsub_filter_once on;\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tinject_if_no_head '<head>" + str + "</head><';\t\n" : XmlPullParser.NO_NAMESPACE + "\t\t\t\t\tsub_filter_once off;\t\t\t\n";
    }

    private String getDirectPassHeaderConfig() {
        return enableDP ? XmlPullParser.NO_NAMESPACE + "\n\t\t\t" + genDirectPassHeaderConfig(true) + "\t\t\t\n" : XmlPullParser.NO_NAMESPACE;
    }

    private int getDirectoryFileNum(File file) {
        String[] list;
        int i = 0;
        if (file != null && file.exists() && file.isDirectory() && (list = file.list()) != null) {
            i = list.length;
        }
        Log.d(TAG, ">>>>> directory " + file.getAbsolutePath() + " has " + i + " files");
        return i;
    }

    private String getHTTPsConfig() {
        return " \t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tssl on;\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tssl_bump on;\t\t\t\t\t\t\t\t\n\t\t\t\tssl_cert_cache_file on;\t\t\t\t\t    \n\t\t\t\tssl_certs_temp " + this.certTempDirectory + ";\n\t\t\t\tssl_bump_mimic_server on; \t\t\t\t\t\n\t\t\t\tssl_bump_verify_server on;\t\t\t\t\t\n              ssl_trusted_server_cas " + this.certTrustedDirectory + "; \n\t\t\t\tssl_certificate certs/rootca.crt;\t\t\t\n\t\t\t\tssl_certificate_key certs/rootca.key;\t\t\n\t\t\t\tssl_ciphers  HIGH:!aNULL:!MD5;\t\t\t\t\n\t\t\t\tssl_prefer_server_ciphers  on;\t\t\t\t\n\t\t\t    " + ((!enableDP || DP_SERVER == null || DP_SERVER.length() <= 0) ? XmlPullParser.NO_NAMESPACE : "ssl_force_v12_url " + DP_SERVER + ";") + "\t\t\t\t\t\t\t\n";
    }

    private String getMimeType() {
        return "types {text/html                             html htm shtml;text/css                              css;text/xml                              xml;image/gif                             gif;image/jpeg                            jpeg jpg;application/javascript                js;application/atom+xml                  atom;application/rss+xml                   rss;text/mathml                           mml;text/plain                            txt;text/vnd.sun.j2me.app-descriptor      jad;text/vnd.wap.wml                      wml;text/x-component                      htc;image/png                             png;image/tiff                            tif tiff;image/vnd.wap.wbmp                    wbmp;image/x-icon                          ico;image/x-jng                           jng;image/x-ms-bmp                        bmp;image/svg+xml                         svg svgz;image/webp                            webp;application/font-woff                 woff;application/java-archive              jar war ear;application/json                      json;application/mac-binhex40              hqx;application/msword                    doc;application/pdf                       pdf;application/postscript                ps eps ai;application/rtf                       rtf;application/vnd.ms-excel              xls;application/vnd.ms-fontobject         eot;application/vnd.ms-powerpoint         ppt;application/vnd.wap.wmlc              wmlc;application/vnd.google-earth.kml+xml  kml;application/vnd.google-earth.kmz      kmz;application/x-7z-compressed           7z;application/x-cocoa                   cco;application/x-java-archive-diff       jardiff;application/x-java-jnlp-file          jnlp;application/x-makeself                run;application/x-perl                    pl pm;application/x-pilot                   prc pdb;application/x-rar-compressed          rar;application/x-redhat-package-manager  rpm;application/x-sea                     sea;application/x-shockwave-flash         swf;application/x-stuffit                 sit;application/x-tcl                     tcl tk;application/x-x509-ca-cert            der pem crt;application/x-xpinstall               xpi;application/xhtml+xml                 xhtml;application/zip                       zip;application/octet-stream              bin exe dll;application/octet-stream              deb;application/octet-stream              dmg;application/octet-stream              iso img;application/octet-stream              msi msp msm;application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;audio/midi                            mid midi kar;audio/mpeg                            mp3;audio/ogg                             ogg;audio/x-m4a                           m4a;audio/x-realaudio                     ra;video/3gpp                            3gpp 3gp;video/mp4                             mp4;video/mpeg                            mpeg mpg;video/quicktime                       mov;video/webm                            webm;video/x-flv                           flv;video/x-m4v                           m4v;video/x-mng                           mng;video/x-ms-asf                        asx asf;video/x-ms-wmv                        wmv;video/x-msvideo                       avi;}";
    }

    private String getNginxConfig(boolean z) {
        String str = "\t\tlog_format yamato '[$time_local] [$request_time $upstream_response_time] [$request_length $bytes_sent] [$remote_addr] $status $request [$host] [$scheme $connection' '-' '$connection_requests]';\n     access_log logs/access.log yamato;\t\t\t\t\t\t\t\n";
        String str2 = "error_log  logs/error.log  debug;";
        if (PackageChecker.isProduction()) {
            str2 = "error_log  /dev/null  crit;";
            str = "access_log off;";
        }
        String directPassConfig = getDirectPassConfig(false);
        String tMMSConfig = getTMMSConfig();
        if (!z) {
            updateListenPorts();
        }
        return "\t\t\t\t\t\t\t\t\t\t\t\t\t\t\nworker_processes  1;\t\t\t\t\t\t\t\t\t\t\t\t\npid        logs/nginx.pid;\t\t\t\t\t\t\t\t\t\t\ndaemon      off;\t\t\t\t\t\t\t\t\t\t\t\t\t\nmaster_process off;\t\t\t\t\t\t\t\t\t\t\t\t\n" + str2 + "\t\t\t\t\t\t\t\t\t\t\t\t\t\nworker_rlimit_nofile 4096;\t\t\t\t\t\t\t\t\t\t\nevents {worker_connections  1024;}\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\nhttp {\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\tsendfile\ton;\t\t\t\t\t\t\t\t\t\t\t\t\n\t\tkeepalive_timeout  30;\t\t\t\t\t\t\t\t\t\t\n\t\tserver_names_hash_bucket_size 64;\t\t\t\t\t\t\t\n\t\tinclude       mime.types;\t\t\t\t\t\t\t\t\t\n\t\tdefault_type  application/octet-stream;\t\t\t\t\t\t\n\t\tresolver " + this.PROXY_DNS_PRIMARY + " " + this.PROXY_DNS + " valid=3600s;\n\t\t" + str + "\t\t\t\t\t\t\t\t\t\t\t\t\n     client_max_body_size 0;\t\t\t\t\t\t\t\t\t\t\n\t\tserver {\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tlisten   127.0.0.1:" + HTTP_PROXY_PORT + ";\t\t\n\t\t\t\tlocation / {\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t" + getNginxGZIPConfig() + "\t\t\t\t\n\t\t\t\t\t\t\tproxy_pass      " + getProxyPassConfig() + ";\n\t\t\t\t\t\t\tproxy_buffers   256 16k;\t\t\t\t\n\t\t\t\t\t\t\tproxy_buffer_size   16k;\t\t\t\t\n\t\t\t\t            proxy_http_version 1.1;\t\t\t\t\t\n\t\t\t\t\t\t\tproxy_read_timeout \t180;\t\t\t\t\n\t\t\t\t\t\t\t" + directPassConfig + "\t\t\t\t\t\n\t\t\t\t\t\t\t" + tMMSConfig + "\t\t\t\t\t\t\t\n\t\t\t\t}\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tlocation /yamato_monitor { empty_gif;access_log\t\toff;} \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t}\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\tserver {\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tlisten   127.0.0.1:" + HTTPS_PROXY_PORT + " default ssl;\t\n\t\t\t\t" + getHTTPsConfig() + "\t\t\t\t\t\t\t\t\n\t\t\t\tlocation / {\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t" + getNginxGZIPConfig() + "\t\t\t\t\t\t\n\t\t\t\t\tproxy_pass      " + getProxyPassConfig() + ";\t\t\n\t\t\t\t\tproxy_buffers   256 16k;\t\t\t\t\t\t\n\t\t\t\t\tproxy_buffer_size   16k;\t\t\t\t\t\t\n\t\t\t\t    proxy_http_version 1.1;\t\t\t\t\t        \n\t\t\t\t\tproxy_read_timeout \t180;\t\t\t\t\t\t\n\t\t\t\t\t" + directPassConfig + "\t\t\t\t\t\t\t\n\t\t\t\t\t" + tMMSConfig + "\t\t\t\t\t\t\t\t\t\n\t\t\t\t}\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t}\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t" + getDirectPassHeaderConfig() + "\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n}\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n";
    }

    private String getNginxGZIPConfig() {
        return "\t\t\tgunzip on;\t\t\t\t\n\t\t\tgunzip_buffers  256 16k;\t\n";
    }

    private String getProxyPassConfig() {
        return "$scheme://$host";
    }

    private String getTMMSConfig() {
        return enableTMMS ? XmlPullParser.NO_NAMESPACE + "\t\t\t\t\turl_inspect on;\t\t\t\t\t\t\t\n" : XmlPullParser.NO_NAMESPACE + "\t\t\t\t\turl_inspect off;\t\t\t\t\t\t\n";
    }

    private ArrayList getTrustedCerts() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("-----BEGIN CERTIFICATE-----\nMIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG\nA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\ncyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\nMDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\nBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt\nYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\nADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE\nBarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is\nI19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G\nCSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do\nlbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc\nAA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k\n-----END CERTIFICATE-----");
        return arrayList;
    }

    private boolean makeDirectory(File file) {
        if (file.exists()) {
            return true;
        }
        return file.mkdir();
    }

    private int probeListenPort(int i) {
        int i2;
        IOException e;
        try {
            ServerSocket serverSocket = new ServerSocket(i);
            i2 = serverSocket.getLocalPort();
            try {
                serverSocket.close();
            } catch (IOException e2) {
                e = e2;
                e.printStackTrace();
                return i2;
            }
        } catch (IOException e3) {
            i2 = 0;
            e = e3;
        }
        return i2;
    }

    private void purgeTempCerts(long j) {
        if (this.certTempDirectory.exists()) {
            final long time = new Date().getTime() - j;
            File[] listFiles = this.certTempDirectory.listFiles(new FileFilter() { // from class: com.trendmicro.proxy.nginx.NginxConfigureTask.1
                @Override // java.io.FileFilter
                public boolean accept(File file) {
                    return file.lastModified() < time;
                }
            });
            if (listFiles != null) {
                Log.d(TAG, ">>>>> purgeTempCerts delete " + listFiles.length + " cert(s)");
                for (File file : listFiles) {
                    file.delete();
                }
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x005c A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.String readFromFile(java.io.File r7, int r8) {
        /*
            r0 = 0
            boolean r1 = r7.canRead()
            if (r1 == 0) goto L41
            java.io.FileInputStream r2 = new java.io.FileInputStream     // Catch: java.io.IOException -> L47 java.lang.Throwable -> L57
            r2.<init>(r7)     // Catch: java.io.IOException -> L47 java.lang.Throwable -> L57
            byte[] r3 = new byte[r8]     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            r1 = 0
            int r4 = r2.available()     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            int r4 = java.lang.Math.min(r4, r8)     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            int r4 = r2.read(r3, r1, r4)     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            java.lang.String r1 = "NginxConfigureTask"
            java.lang.StringBuilder r5 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            r5.<init>()     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            java.lang.String r6 = "readFromFile input stream read:"
            java.lang.StringBuilder r5 = r5.append(r6)     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            java.lang.StringBuilder r5 = r5.append(r4)     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            java.lang.String r5 = r5.toString()     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            android.util.Log.d(r1, r5)     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            if (r4 <= 0) goto L3c
            java.lang.String r1 = new java.lang.String     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            r5 = 0
            r1.<init>(r3, r5, r4)     // Catch: java.lang.Throwable -> L65 java.io.IOException -> L67
            r0 = r1
        L3c:
            if (r2 == 0) goto L41
            r2.close()     // Catch: java.io.IOException -> L42
        L41:
            return r0
        L42:
            r1 = move-exception
            r1.printStackTrace()
            goto L41
        L47:
            r1 = move-exception
            r2 = r0
        L49:
            r1.printStackTrace()     // Catch: java.lang.Throwable -> L65
            if (r2 == 0) goto L41
            r2.close()     // Catch: java.io.IOException -> L52
            goto L41
        L52:
            r1 = move-exception
            r1.printStackTrace()
            goto L41
        L57:
            r1 = move-exception
            r2 = r0
            r0 = r1
        L5a:
            if (r2 == 0) goto L5f
            r2.close()     // Catch: java.io.IOException -> L60
        L5f:
            throw r0
        L60:
            r1 = move-exception
            r1.printStackTrace()
            goto L5f
        L65:
            r0 = move-exception
            goto L5a
        L67:
            r1 = move-exception
            goto L49
        */
        throw new UnsupportedOperationException("Method not decompiled: com.trendmicro.proxy.nginx.NginxConfigureTask.readFromFile(java.io.File, int):java.lang.String");
    }

    private void updateListenPorts() {
        if (HTTP_PROXY_PORT != probeListenPort(HTTP_PROXY_PORT)) {
            HTTP_PROXY_PORT = probeListenPort(0);
        }
        if (HTTPS_PROXY_PORT != probeListenPort(HTTPS_PROXY_PORT)) {
            HTTPS_PROXY_PORT = probeListenPort(0);
        }
        Log.d(TAG, "updateListenPorts http: " + HTTP_PROXY_PORT + " https: " + HTTPS_PROXY_PORT);
    }

    private void updateRootCA() {
        File file = new File(this.certDirectory, NGINX_CACERT_FILENAME);
        File file2 = new File(this.certDirectory, NGINX_CAKEY_FILENAME);
        if (file.exists() && file2.exists()) {
            caCert = readFromFile(file, 8192);
            caKey = readFromFile(file2, 8192);
        } else {
            cleanNgxTempCerts();
            cleanNgxRootCA();
            byte[] bArr = new byte[8192];
            byte[] bArr2 = new byte[8192];
            int[] iArr = new int[1];
            int[] iArr2 = new int[1];
            if (Nginx.getRootCA(bArr, iArr, bArr2, iArr2) == 0) {
                Log.d(TAG, "certLen:" + iArr[0] + " keyLen:" + iArr2[0]);
                caCert = new String(bArr, 0, iArr[0]);
                caKey = new String(bArr2, 0, iArr2[0]);
            }
        }
        Log.d(TAG, "caCert:" + caCert);
        Log.d(TAG, "caKey:" + caKey);
    }

    private boolean updateTrustedCerts() {
        TrustedCertificateManager trustedCertificateManager = TrustedCertificateManager.getInstance();
        trustedCertificateManager.load();
        Hashtable systemCACertificates = trustedCertificateManager.getSystemCACertificates();
        ArrayList trustedCerts = getTrustedCerts();
        if ((systemCACertificates.size() + trustedCerts.size()) * 2 <= getDirectoryFileNum(this.certTrustedDirectory)) {
            return true;
        }
        cleanNgxTrustedCerts();
        Enumeration elements = systemCACertificates.elements();
        while (elements.hasMoreElements()) {
            try {
                Nginx.convertCACert(("-----BEGIN CERTIFICATE-----\n" + Base64.encodeToString(((X509Certificate) elements.nextElement()).getEncoded(), 0) + "-----END CERTIFICATE-----").getBytes("UTF-8"), this.certTrustedDirectory.getAbsolutePath());
            } catch (Exception e) {
                e.printStackTrace();
                return false;
            }
        }
        Iterator it = trustedCerts.iterator();
        while (it.hasNext()) {
            Nginx.convertCACert(((String) it.next()).getBytes("UTF-8"), this.certTrustedDirectory.getAbsolutePath());
        }
        Log.i(TAG, "Convert " + systemCACertificates.size() + " system certs and " + trustedCerts.size() + " trusted certs to trusted folder");
        return true;
    }

    public void checkEnableProduct(Context context) {
        enableTMMS = false;
        enableDP = false;
        VpnSqliteAdapter vpnSqliteAdapter = VpnSqliteAdapter.getInstance(context);
        boolean productEnableFromDB = vpnSqliteAdapter.getProductEnableFromDB(VpnCommandsConstants.TEST_APP_PKG);
        boolean productEnableFromDB2 = vpnSqliteAdapter.getProductEnableFromDB(VpnCommandsConstants.TEST_APP_DIRECTPASS_PKG);
        Log.d(TAG, "isTestAPP : " + productEnableFromDB + " isTestDPAPP : " + productEnableFromDB2);
        ArrayList productList = vpnSqliteAdapter.getProductList();
        if (productList != null) {
            Iterator it = productList.iterator();
            while (it.hasNext()) {
                VpnSqliteAdapter.ProductInfo productInfo = (VpnSqliteAdapter.ProductInfo) it.next();
                if (productInfo.productName.contains("directpass")) {
                    if (productInfo.isEnable && (!MUPAccount.authKey.equals("X-YAMATO-AUTHKEY") || productEnableFromDB || productEnableFromDB2)) {
                        enableDP = true;
                    }
                } else if (productInfo.productName.contains("tmms") && productInfo.isEnable) {
                    enableTMMS = true;
                }
            }
        }
        Log.d(TAG, "product status >>> dp : " + enableDP + " tmms : " + enableTMMS);
    }

    public void cleanNgxLogs() {
        cleanDirectoryFiles(this.logsDirectory);
    }

    public void cleanNgxTempCerts() {
        cleanDirectoryFiles(this.certTempDirectory);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    public Boolean doInBackground(String... strArr) {
        if (makeDirectory(this.nginxDirectory) && makeDirectory(this.logsDirectory) && makeDirectory(this.confDirectory) && makeDirectory(this.certDirectory) && makeDirectory(this.certTempDirectory) && makeDirectory(this.certTrustedDirectory)) {
            File file = new File(this.certDirectory, NGINX_CACERT_FILENAME);
            File file2 = new File(this.certDirectory, NGINX_CAKEY_FILENAME);
            if (((file.exists() && file2.exists()) || getCACert() == null || getCAKey() == null || (generateFile(getCACert(), file) && generateFile(getCAKey(), file2))) && updateTrustedCerts()) {
                purgeTempCerts(VpnCommandsConstants.TEMP_CERT_LIFETIME);
                return true;
            }
            return false;
        }
        return false;
    }

    public boolean generateNginxConfig(boolean z) {
        boolean z2 = false;
        if (makeDirectory(this.nginxDirectory) && makeDirectory(this.confDirectory) && generateFile(getNginxConfig(z), new File(this.confDirectory, NGINX_CONF_FILENAME)) && generateFile(getMimeType(), new File(this.confDirectory, NGINX_MIMETYPES_FILENAME)) && (!enableDP || generateDPCert())) {
            z2 = true;
        }
        Log.d(TAG, "generateNginxConf reload : " + z + " result : " + z2);
        return z2;
    }

    public synchronized String getCACert() {
        if (caCert == null) {
            updateRootCA();
        }
        return caCert;
    }

    public File getNginxConfLocation() {
        return new File(this.confDirectory, NGINX_CONF_FILENAME);
    }

    public File getNginxPrefix() {
        return this.nginxDirectory;
    }

    public String getProxyPorts() {
        StringBuilder sb = new StringBuilder();
        sb.append("http:");
        sb.append(HTTP_PROXY_PORT);
        sb.append(" https:");
        sb.append(HTTPS_PROXY_PORT);
        Log.d(TAG, "getProxyPorts: " + sb.toString());
        return sb.toString();
    }

    public void startCreateFolder() {
        Log.d(TAG, "make " + this.nginxDirectory + " : " + makeDirectory(this.nginxDirectory));
    }
}
