package org.apache.a.e.c;

import com.a.a.b.ai;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import javax.net.SocketFactory;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.apache.a.n;

/* loaded from: input_file:org/apache/a/e/c/g.class */
public final class g implements org.apache.a.e.b.b {

    /* renamed from: a, reason: collision with root package name */
    private final org.apache.commons.c.a f185a;
    private final SSLSocketFactory b;
    private final HostnameVerifier c;
    private final String[] d;
    private final String[] e;

    private static HostnameVerifier c() {
        return new d(org.apache.a.e.d.f.a());
    }

    public static g b() {
        return new g(ai.a(), c());
    }

    public g(SSLContext sSLContext, HostnameVerifier hostnameVerifier) {
        this(((SSLContext) ai.a(sSLContext, "SSL context")).getSocketFactory(), hostnameVerifier);
    }

    private g(SSLSocketFactory sSLSocketFactory, HostnameVerifier hostnameVerifier) {
        this.f185a = org.apache.commons.c.c.b(getClass());
        this.b = (SSLSocketFactory) ai.a(sSLSocketFactory, "SSL socket factory");
        this.d = null;
        this.e = null;
        this.c = hostnameVerifier != null ? hostnameVerifier : c();
    }

    @Override // org.apache.a.e.b.a
    public final Socket a() {
        return SocketFactory.getDefault().createSocket();
    }

    @Override // org.apache.a.e.b.a
    public final Socket a(int i, Socket socket, n nVar, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2) {
        ai.a(nVar, "HTTP host");
        ai.a(inetSocketAddress, "Remote address");
        Socket createSocket = socket != null ? socket : SocketFactory.getDefault().createSocket();
        if (inetSocketAddress2 != null) {
            createSocket.bind(inetSocketAddress2);
        }
        if (i > 0) {
            try {
                if (createSocket.getSoTimeout() == 0) {
                    createSocket.setSoTimeout(i);
                }
            } catch (IOException e) {
                try {
                    createSocket.close();
                } catch (IOException unused) {
                }
                throw e;
            }
        }
        if (this.f185a.a()) {
            this.f185a.a("Connecting socket to " + inetSocketAddress + " with timeout " + i);
        }
        createSocket.connect(inetSocketAddress, i);
        if (!(createSocket instanceof SSLSocket)) {
            return a(createSocket, nVar.a(), inetSocketAddress.getPort());
        }
        SSLSocket sSLSocket = (SSLSocket) createSocket;
        this.f185a.a("Starting handshake");
        sSLSocket.startHandshake();
        a(sSLSocket, nVar.a());
        return createSocket;
    }

    @Override // org.apache.a.e.b.b
    public final Socket a(Socket socket, String str, int i) {
        SSLSocket sSLSocket = (SSLSocket) this.b.createSocket(socket, str, i, true);
        String[] enabledProtocols = sSLSocket.getEnabledProtocols();
        ArrayList arrayList = new ArrayList(enabledProtocols.length);
        for (String str2 : enabledProtocols) {
            if (!str2.startsWith("SSL")) {
                arrayList.add(str2);
            }
        }
        if (!arrayList.isEmpty()) {
            sSLSocket.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
        }
        if (this.f185a.a()) {
            this.f185a.a("Enabled protocols: " + Arrays.asList(sSLSocket.getEnabledProtocols()));
            this.f185a.a("Enabled cipher suites:" + Arrays.asList(sSLSocket.getEnabledCipherSuites()));
        }
        this.f185a.a("Starting handshake");
        sSLSocket.startHandshake();
        a(sSLSocket, str);
        return sSLSocket;
    }

    private void a(SSLSocket sSLSocket, String str) {
        try {
            SSLSession session = sSLSocket.getSession();
            SSLSession sSLSession = session;
            if (session == null) {
                sSLSocket.getInputStream().available();
                SSLSession session2 = sSLSocket.getSession();
                sSLSession = session2;
                if (session2 == null) {
                    sSLSocket.startHandshake();
                    sSLSession = sSLSocket.getSession();
                }
            }
            if (sSLSession == null) {
                throw new SSLHandshakeException("SSL session not available");
            }
            if (this.f185a.a()) {
                this.f185a.a("Secure session established");
                this.f185a.a(" negotiated protocol: " + sSLSession.getProtocol());
                this.f185a.a(" negotiated cipher suite: " + sSLSession.getCipherSuite());
                try {
                    X509Certificate x509Certificate = (X509Certificate) sSLSession.getPeerCertificates()[0];
                    this.f185a.a(" peer principal: " + x509Certificate.getSubjectX500Principal().toString());
                    Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                    if (subjectAlternativeNames != null) {
                        ArrayList arrayList = new ArrayList();
                        for (List<?> list : subjectAlternativeNames) {
                            if (!list.isEmpty()) {
                                arrayList.add((String) list.get(1));
                            }
                        }
                        this.f185a.a(" peer alternative names: ".concat(String.valueOf(arrayList)));
                    }
                    this.f185a.a(" issuer principal: " + x509Certificate.getIssuerX500Principal().toString());
                    Collection<List<?>> issuerAlternativeNames = x509Certificate.getIssuerAlternativeNames();
                    if (issuerAlternativeNames != null) {
                        ArrayList arrayList2 = new ArrayList();
                        for (List<?> list2 : issuerAlternativeNames) {
                            if (!list2.isEmpty()) {
                                arrayList2.add((String) list2.get(1));
                            }
                        }
                        this.f185a.a(" issuer alternative names: ".concat(String.valueOf(arrayList2)));
                    }
                } catch (Exception unused) {
                }
            }
            if (this.c.verify(str, sSLSession)) {
                return;
            }
            throw new SSLPeerUnverifiedException("Certificate for <" + str + "> doesn't match any of the subject alternative names: " + d.a((X509Certificate) sSLSession.getPeerCertificates()[0]));
        } catch (IOException e) {
            try {
                sSLSocket.close();
            } catch (Exception unused2) {
            }
            throw e;
        }
    }

    static {
        b bVar = b.f180a;
        c cVar = c.f181a;
        i iVar = i.f186a;
    }
}
