package org.apache.commons.httpclient.contrib.ssl;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import javax.net.SocketFactory;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.cert.X509Certificate;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:org/apache/commons/httpclient/contrib/ssl/StrictSSLProtocolSocketFactory.class */
public class StrictSSLProtocolSocketFactory implements SecureProtocolSocketFactory {
    private static final Log LOG;
    private boolean verifyHostname;
    static Class class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory;

    public StrictSSLProtocolSocketFactory(boolean z) {
        this.verifyHostname = true;
        this.verifyHostname = z;
    }

    public StrictSSLProtocolSocketFactory() {
        this.verifyHostname = true;
    }

    public void setHostnameVerification(boolean z) {
        this.verifyHostname = z;
    }

    public boolean getHostnameVerification() {
        return this.verifyHostname;
    }

    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) throws IOException, UnknownHostException {
        SSLSocket sSLSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(str, i, inetAddress, i2);
        verifyHostname(sSLSocket);
        return sSLSocket;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v15, types: [java.net.Socket] */
    /* JADX WARN: Type inference failed for: r0v7, types: [java.net.Socket] */
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2, HttpConnectionParams httpConnectionParams) throws IOException, UnknownHostException, ConnectTimeoutException {
        SSLSocket createSocket;
        if (httpConnectionParams == null) {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int connectionTimeout = httpConnectionParams.getConnectionTimeout();
        SocketFactory socketFactory = SSLSocketFactory.getDefault();
        if (connectionTimeout == 0) {
            createSocket = socketFactory.createSocket(str, i, inetAddress, i2);
        } else {
            createSocket = socketFactory.createSocket();
            InetSocketAddress inetSocketAddress = new InetSocketAddress(inetAddress, i2);
            InetSocketAddress inetSocketAddress2 = new InetSocketAddress(str, i);
            createSocket.bind(inetSocketAddress);
            createSocket.connect(inetSocketAddress2, connectionTimeout);
        }
        verifyHostname(createSocket);
        return createSocket;
    }

    public Socket createSocket(String str, int i) throws IOException, UnknownHostException {
        SSLSocket sSLSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(str, i);
        verifyHostname(sSLSocket);
        return sSLSocket;
    }

    public Socket createSocket(Socket socket, String str, int i, boolean z) throws IOException, UnknownHostException {
        SSLSocket sSLSocket = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket(socket, str, i, z);
        verifyHostname(sSLSocket);
        return sSLSocket;
    }

    private void verifyHostname(SSLSocket sSLSocket) throws SSLPeerUnverifiedException, UnknownHostException {
        if (this.verifyHostname) {
            SSLSession session = sSLSocket.getSession();
            String peerHost = session.getPeerHost();
            try {
                InetAddress.getByName(peerHost);
                X509Certificate[] peerCertificateChain = session.getPeerCertificateChain();
                if (peerCertificateChain == null || peerCertificateChain.length == 0) {
                    throw new SSLPeerUnverifiedException("No server certificates found!");
                }
                String name = peerCertificateChain[0].getSubjectDN().getName();
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Server certificate chain:");
                    for (int i = 0; i < peerCertificateChain.length; i++) {
                        LOG.debug(new StringBuffer().append("X509Certificate[").append(i).append("]=").append(peerCertificateChain[i]).toString());
                    }
                }
                String cn = getCN(name);
                if (!peerHost.equalsIgnoreCase(cn)) {
                    throw new SSLPeerUnverifiedException(new StringBuffer().append("HTTPS hostname invalid: expected '").append(peerHost).append("', received '").append(cn).append("'").toString());
                }
                if (LOG.isDebugEnabled()) {
                    LOG.debug(new StringBuffer().append("Target hostname valid: ").append(cn).toString());
                }
            } catch (UnknownHostException e) {
                throw new UnknownHostException(new StringBuffer().append("Could not resolve SSL sessions server hostname: ").append(peerHost).toString());
            }
        }
    }

    private String getCN(String str) {
        int indexOf = str.indexOf("CN=");
        if (indexOf == -1) {
            return null;
        }
        String substring = str.substring(indexOf + 3);
        char[] charArray = substring.toCharArray();
        int i = 0;
        while (i < charArray.length && (charArray[i] != ',' || i <= 0 || charArray[i - 1] == '\\')) {
            i++;
        }
        return substring.substring(0, i);
    }

    public boolean equals(Object obj) {
        Class cls;
        if (obj == null) {
            return false;
        }
        Class<?> cls2 = obj.getClass();
        if (class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory == null) {
            cls = class$("org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory");
            class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory = cls;
        } else {
            cls = class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory;
        }
        return cls2.equals(cls) && ((StrictSSLProtocolSocketFactory) obj).getHostnameVerification() == this.verifyHostname;
    }

    public int hashCode() {
        Class cls;
        if (class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory == null) {
            cls = class$("org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory");
            class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory = cls;
        } else {
            cls = class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory;
        }
        return cls.hashCode();
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory == null) {
            cls = class$("org.apache.commons.httpclient.contrib.ssl.StrictSSLProtocolSocketFactory");
            class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory = cls;
        } else {
            cls = class$org$apache$commons$httpclient$contrib$ssl$StrictSSLProtocolSocketFactory;
        }
        LOG = LogFactory.getLog(cls);
    }
}
