package org.andstatus.app.net.http;

import android.net.SSLCertificateSocketFactory;
import cz.msebera.android.httpclient.HttpHost;
import cz.msebera.android.httpclient.conn.socket.ConnectionSocketFactory;
import cz.msebera.android.httpclient.conn.socket.LayeredConnectionSocketFactory;
import cz.msebera.android.httpclient.conn.ssl.AllowAllHostnameVerifier;
import cz.msebera.android.httpclient.conn.ssl.BrowserCompatHostnameVerifier;
import cz.msebera.android.httpclient.cookie.ClientCookie;
import cz.msebera.android.httpclient.protocol.HttpContext;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.SocketFactory;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import org.andstatus.app.context.MyPreferences;
import org.andstatus.app.util.MyLog;

/* compiled from: TlsSniSocketFactory.kt */
@Metadata(d1 = {"\u0000R\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n\u0002\b\u0005\u0018\u0000 \u001d2\u00020\u0001:\u0001\u001dB\u000f\u0012\b\u0010\u0002\u001a\u0004\u0018\u00010\u0003¢\u0006\u0002\u0010\u0004J<\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\f2\u0006\u0010\r\u001a\u00020\n2\u0006\u0010\u000e\u001a\u00020\u000f2\u0006\u0010\u0010\u001a\u00020\u00112\b\u0010\u0012\u001a\u0004\u0018\u00010\u00112\b\u0010\u0013\u001a\u0004\u0018\u00010\u0014H\u0016J\u0018\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u000e\u001a\u00020\u0019H\u0002J,\u0010\u001a\u001a\u00020\n2\b\u0010\r\u001a\u0004\u0018\u00010\n2\u0006\u0010\u000e\u001a\u00020\u00192\u0006\u0010\u001b\u001a\u00020\f2\b\u0010\u0013\u001a\u0004\u0018\u00010\u0014H\u0016J\u0014\u0010\u001c\u001a\u0004\u0018\u00010\n2\b\u0010\u0013\u001a\u0004\u0018\u00010\u0014H\u0016R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n\u0000R\u0010\u0010\u0007\u001a\u0004\u0018\u00010\bX\u0082\u000e¢\u0006\u0002\n\u0000¨\u0006\u001e"}, d2 = {"Lorg/andstatus/app/net/http/TlsSniSocketFactory;", "Lcz/msebera/android/httpclient/conn/socket/LayeredConnectionSocketFactory;", "sslMode", "Lorg/andstatus/app/net/http/SslModeEnum;", "(Lorg/andstatus/app/net/http/SslModeEnum;)V", ClientCookie.SECURE_ATTR, "", "sslSocketFactory", "Landroid/net/SSLCertificateSocketFactory;", "connectSocket", "Ljava/net/Socket;", "timeout", "", "plain", "host", "Lcz/msebera/android/httpclient/HttpHost;", "remoteAddr", "Ljava/net/InetSocketAddress;", "localAddr", "context", "Lcz/msebera/android/httpclient/protocol/HttpContext;", "connectWithSNI", "", "ssl", "Ljavax/net/ssl/SSLSocket;", "", "createLayeredSocket", ClientCookie.PORT_ATTR, "createSocket", "Companion", "AndStatus-60.04_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes2.dex */
public final class TlsSniSocketFactory implements LayeredConnectionSocketFactory {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    private static final String TAG;
    private static final ConcurrentHashMap<SslModeEnum, TlsSniSocketFactory> instances;
    private final boolean secure;
    private SSLCertificateSocketFactory sslSocketFactory;

    /* compiled from: TlsSniSocketFactory.kt */
    @Metadata(d1 = {"\u0000.\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0006\u0010\t\u001a\u00020\nJ\u0012\u0010\u000b\u001a\u0004\u0018\u00010\f2\b\u0010\r\u001a\u0004\u0018\u00010\u0007R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\u0002\n\u0000R\u001e\u0010\u0005\u001a\u0012\u0012\u0006\u0012\u0004\u0018\u00010\u0007\u0012\u0006\u0012\u0004\u0018\u00010\b0\u0006X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u000e"}, d2 = {"Lorg/andstatus/app/net/http/TlsSniSocketFactory$Companion;", "", "()V", "TAG", "", "instances", "Ljava/util/concurrent/ConcurrentHashMap;", "Lorg/andstatus/app/net/http/SslModeEnum;", "Lorg/andstatus/app/net/http/TlsSniSocketFactory;", "forget", "", "getInstance", "Lcz/msebera/android/httpclient/conn/socket/ConnectionSocketFactory;", "sslMode", "AndStatus-60.04_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
    /* loaded from: classes2.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final void forget() {
            TlsSniSocketFactory.instances.clear();
        }

        public final ConnectionSocketFactory getInstance(SslModeEnum sslMode) {
            if (!TlsSniSocketFactory.instances.containsKey(sslMode)) {
                TlsSniSocketFactory.instances.put(sslMode, new TlsSniSocketFactory(sslMode));
            }
            return (ConnectionSocketFactory) TlsSniSocketFactory.instances.get(sslMode);
        }
    }

    static {
        String simpleName = Reflection.getOrCreateKotlinClass(TlsSniSocketFactory.class).getSimpleName();
        Intrinsics.checkNotNull(simpleName);
        TAG = simpleName;
        instances = new ConcurrentHashMap<>();
    }

    public TlsSniSocketFactory(SslModeEnum sslModeEnum) {
        boolean z = sslModeEnum == SslModeEnum.SECURE;
        this.secure = z;
        if (z) {
            SocketFactory socketFactory = SSLCertificateSocketFactory.getDefault(MyPreferences.INSTANCE.getConnectionTimeoutMs());
            Intrinsics.checkNotNull(socketFactory, "null cannot be cast to non-null type android.net.SSLCertificateSocketFactory");
            this.sslSocketFactory = (SSLCertificateSocketFactory) socketFactory;
        } else {
            SSLSocketFactory insecure = SSLCertificateSocketFactory.getInsecure(MyPreferences.INSTANCE.getConnectionTimeoutMs(), null);
            Intrinsics.checkNotNull(insecure, "null cannot be cast to non-null type android.net.SSLCertificateSocketFactory");
            this.sslSocketFactory = (SSLCertificateSocketFactory) insecure;
            MyLog.INSTANCE.i(TAG, "Insecure SSL allowed");
        }
    }

    private final void connectWithSNI(SSLSocket ssl, String host) {
        ssl.setEnabledProtocols(ssl.getSupportedProtocols());
        MyLog myLog = MyLog.INSTANCE;
        String str = TAG;
        myLog.d(str, "Using documented SNI with host name " + host);
        SSLCertificateSocketFactory sSLCertificateSocketFactory = this.sslSocketFactory;
        if (sSLCertificateSocketFactory != null) {
            sSLCertificateSocketFactory.setHostname(ssl, host);
        }
        SSLSession session = ssl.getSession();
        if (!session.isValid()) {
            MyLog.INSTANCE.i(str, "Invalid session to host:'" + host + '\'');
        }
        if (!(this.secure ? new BrowserCompatHostnameVerifier() : new AllowAllHostnameVerifier()).verify(host, session)) {
            throw new SSLPeerUnverifiedException("Cannot verify hostname: " + host);
        }
        MyLog.INSTANCE.d(str, "Established " + session.getProtocol() + " connection with " + session.getPeerHost() + " using " + session.getCipherSuite());
    }

    @Override // cz.msebera.android.httpclient.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int timeout, Socket plain, HttpHost host, InetSocketAddress remoteAddr, InetSocketAddress localAddr, HttpContext context) {
        Intrinsics.checkNotNullParameter(plain, "plain");
        Intrinsics.checkNotNullParameter(host, "host");
        Intrinsics.checkNotNullParameter(remoteAddr, "remoteAddr");
        MyLog.INSTANCE.d(TAG, "Preparing direct SSL connection (without proxy) to " + host + ", timeout:" + timeout);
        plain.close();
        SSLCertificateSocketFactory sSLCertificateSocketFactory = this.sslSocketFactory;
        Socket createSocket = sSLCertificateSocketFactory != null ? sSLCertificateSocketFactory.createSocket(remoteAddr.getAddress(), host.getPort()) : null;
        Intrinsics.checkNotNull(createSocket, "null cannot be cast to non-null type javax.net.ssl.SSLSocket");
        SSLSocket sSLSocket = (SSLSocket) createSocket;
        String hostName = host.getHostName();
        Intrinsics.checkNotNullExpressionValue(hostName, "host.getHostName()");
        connectWithSNI(sSLSocket, hostName);
        return sSLSocket;
    }

    @Override // cz.msebera.android.httpclient.conn.socket.LayeredConnectionSocketFactory
    public Socket createLayeredSocket(Socket plain, String host, int port, HttpContext context) {
        Intrinsics.checkNotNullParameter(host, "host");
        MyLog myLog = MyLog.INSTANCE;
        String str = TAG;
        myLog.d(str, "Preparing layered SSL connection (over proxy) to " + host);
        SSLCertificateSocketFactory sSLCertificateSocketFactory = this.sslSocketFactory;
        Socket createSocket = sSLCertificateSocketFactory != null ? sSLCertificateSocketFactory.createSocket(plain, host, port, true) : null;
        Intrinsics.checkNotNull(createSocket, "null cannot be cast to non-null type javax.net.ssl.SSLSocket");
        SSLSocket sSLSocket = (SSLSocket) createSocket;
        MyLog.INSTANCE.d(str, "Setting SNI/TLSv1.2 will silently fail because the handshake is already done");
        connectWithSNI(sSLSocket, host);
        return sSLSocket;
    }

    @Override // cz.msebera.android.httpclient.conn.socket.ConnectionSocketFactory
    public Socket createSocket(HttpContext context) {
        SSLCertificateSocketFactory sSLCertificateSocketFactory = this.sslSocketFactory;
        if (sSLCertificateSocketFactory != null) {
            return sSLCertificateSocketFactory.createSocket();
        }
        return null;
    }
}
