package com.owncloud.android.lib.common.network;

import com.nextcloud.common.DNSCache;
import com.owncloud.android.authentication.AuthenticatorActivity;
import com.owncloud.android.lib.common.utils.Log_OC;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;

/* loaded from: classes4.dex */
public class AdvancedSslSocketFactory implements SecureProtocolSocketFactory {
    private static final String TAG = "AdvancedSslSocketFactory";
    private X509HostnameVerifier mHostnameVerifier;
    private SSLContext mSslContext;
    private AdvancedX509TrustManager mTrustManager;

    public AdvancedSslSocketFactory(SSLContext sSLContext, AdvancedX509TrustManager advancedX509TrustManager, X509HostnameVerifier x509HostnameVerifier) {
        this.mSslContext = null;
        this.mTrustManager = null;
        this.mHostnameVerifier = null;
        if (sSLContext == null) {
            throw new IllegalArgumentException("AdvancedSslSocketFactory can not be created with a null SSLContext");
        }
        this.mSslContext = sSLContext;
        this.mTrustManager = advancedX509TrustManager;
        this.mHostnameVerifier = x509HostnameVerifier;
    }

    private void enableSecureProtocols(Socket socket) {
        ((SSLSocket) socket).setEnabledProtocols(this.mSslContext.getSupportedSSLParameters().getProtocols());
    }

    private InetAddress getInetAddressForHost(String str) throws UnknownHostException {
        return DNSCache.lookup(str).get(0);
    }

    private void verifyPeerIdentity(String str, int i, Socket socket) throws IOException {
        CertificateCombinedException certificateCombinedException;
        CertificateCombinedException certificateCombinedException2;
        SSLSession sSLSession = null;
        try {
            try {
                ((SSLSocket) socket).startHandshake();
                certificateCombinedException2 = null;
            } catch (IOException e) {
                try {
                    socket.close();
                } catch (Exception unused) {
                }
                throw e;
            }
        } catch (RuntimeException e2) {
            if (e2 instanceof CertificateCombinedException) {
                certificateCombinedException = (CertificateCombinedException) e2;
            } else {
                Throwable cause = e2.getCause();
                Throwable th = null;
                while (cause != null && cause != th && !(cause instanceof CertificateCombinedException)) {
                    th = cause;
                    cause = cause.getCause();
                }
                certificateCombinedException = cause instanceof CertificateCombinedException ? (CertificateCombinedException) cause : null;
            }
            if (certificateCombinedException == null) {
                throw e2;
            }
            certificateCombinedException.setHostInUrl(str);
            certificateCombinedException2 = certificateCombinedException;
        }
        boolean z = true;
        if (this.mHostnameVerifier != null) {
            if (certificateCombinedException2 != null) {
                try {
                    this.mHostnameVerifier.verify(str, certificateCombinedException2.getServerCertificate());
                } catch (SSLException unused2) {
                    z = false;
                }
            } else {
                sSLSession = ((SSLSocket) socket).getSession();
                if (!this.mTrustManager.isKnownServer((X509Certificate) sSLSession.getPeerCertificates()[0])) {
                    z = this.mHostnameVerifier.verify(str, sSLSession);
                }
            }
        }
        if (z) {
            if (certificateCombinedException2 == null) {
                return;
            }
            SSLHandshakeException sSLHandshakeException = new SSLHandshakeException("Server certificate could not be verified");
            sSLHandshakeException.initCause(certificateCombinedException2);
            throw sSLHandshakeException;
        }
        SSLPeerUnverifiedException sSLPeerUnverifiedException = new SSLPeerUnverifiedException("Names in the server certificate do not match to " + str + " in the URL");
        CertificateCombinedException certificateCombinedException3 = certificateCombinedException2;
        if (certificateCombinedException2 == null) {
            CertificateCombinedException certificateCombinedException4 = new CertificateCombinedException((X509Certificate) sSLSession.getPeerCertificates()[0]);
            certificateCombinedException4.setHostInUrl(str);
            certificateCombinedException3 = certificateCombinedException4;
        }
        certificateCombinedException3.setSslPeerUnverifiedException(sSLPeerUnverifiedException);
        sSLPeerUnverifiedException.initCause(certificateCombinedException3);
        throw sSLPeerUnverifiedException;
    }

    @Override // org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    public Socket createSocket(String str, int i) throws IOException {
        Log_OC.d(TAG, "Creating SSL Socket with remote " + str + AuthenticatorActivity.LOGIN_URL_DATA_KEY_VALUE_SEPARATOR + i);
        Socket createSocket = this.mSslContext.getSocketFactory().createSocket(getInetAddressForHost(str), i);
        enableSecureProtocols(createSocket);
        verifyPeerIdentity(str, i, createSocket);
        return createSocket;
    }

    @Override // org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException {
        Socket createSocket = this.mSslContext.getSocketFactory().createSocket(getInetAddressForHost(str), i, inetAddress, i2);
        enableSecureProtocols(createSocket);
        verifyPeerIdentity(str, i, createSocket);
        return createSocket;
    }

    @Override // org.apache.commons.httpclient.protocol.ProtocolSocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2, HttpConnectionParams httpConnectionParams) throws IOException, UnknownHostException, ConnectTimeoutException {
        String str2 = TAG;
        Log_OC.d(str2, "Creating SSL Socket with remote " + str + AuthenticatorActivity.LOGIN_URL_DATA_KEY_VALUE_SEPARATOR + i + ", local " + inetAddress + AuthenticatorActivity.LOGIN_URL_DATA_KEY_VALUE_SEPARATOR + i2 + ", params: " + httpConnectionParams);
        if (httpConnectionParams == null) {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int connectionTimeout = httpConnectionParams.getConnectionTimeout();
        SSLSocketFactory socketFactory = this.mSslContext.getSocketFactory();
        Log_OC.d(str2, " ... with connection timeout " + connectionTimeout + " and socket timeout " + httpConnectionParams.getSoTimeout());
        Socket createSocket = socketFactory.createSocket();
        enableSecureProtocols(createSocket);
        InetSocketAddress inetSocketAddress = new InetSocketAddress(inetAddress, i2);
        InetSocketAddress inetSocketAddress2 = new InetSocketAddress(getInetAddressForHost(str), i);
        createSocket.setSoTimeout(httpConnectionParams.getSoTimeout() * 5);
        createSocket.bind(inetSocketAddress);
        ServerNameIndicator.setServerNameIndication(str, (SSLSocket) createSocket);
        createSocket.connect(inetSocketAddress2, connectionTimeout);
        verifyPeerIdentity(str, i, createSocket);
        return createSocket;
    }

    @Override // org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException {
        Socket createSocket = this.mSslContext.getSocketFactory().createSocket(socket, str, i, z);
        enableSecureProtocols(createSocket);
        verifyPeerIdentity(str, i, createSocket);
        return createSocket;
    }

    public boolean equals(Object obj) {
        return obj != null && obj.getClass().equals(AdvancedSslSocketFactory.class);
    }

    public X509HostnameVerifier getHostNameVerifier() {
        return this.mHostnameVerifier;
    }

    public SSLContext getSslContext() {
        return this.mSslContext;
    }

    public int hashCode() {
        return AdvancedSslSocketFactory.class.hashCode();
    }

    public void setHostNameVerifier(X509HostnameVerifier x509HostnameVerifier) {
        this.mHostnameVerifier = x509HostnameVerifier;
    }
}
