package at.bitfire.davdroid.webdav;

import android.annotation.TargetApi;
import android.net.SSLCertificateSocketFactory;
import android.os.Build;
import android.util.Log;
import ch.boye.httpclientandroidlib.HttpHost;
import ch.boye.httpclientandroidlib.conn.socket.LayeredConnectionSocketFactory;
import ch.boye.httpclientandroidlib.conn.ssl.BrowserCompatHostnameVerifier;
import ch.boye.httpclientandroidlib.protocol.HttpContext;
import ch.boye.httpclientandroidlib.util.LangUtils;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;

@TargetApi(LangUtils.HASH_SEED)
/* loaded from: classes.dex */
public class TlsSniSocketFactory implements LayeredConnectionSocketFactory {
    private static final String TAG = "davdroid.SNISocketFactory";
    static final TlsSniSocketFactory INSTANCE = new TlsSniSocketFactory();
    private static final SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);
    private static final HostnameVerifier hostnameVerifier = new BrowserCompatHostnameVerifier();

    @Override // ch.boye.httpclientandroidlib.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
        socket.close();
        SSLSocket sSLSocket = (SSLSocket) sslSocketFactory.createSocket(inetSocketAddress.getAddress(), httpHost.getPort());
        if (Build.VERSION.SDK_INT >= 17) {
            Log.d(TAG, "Setting SNI hostname");
            sslSocketFactory.setHostname(sSLSocket, httpHost.getHostName());
        } else {
            Log.i(TAG, "No SNI support below Android 4.2!");
        }
        SSLSession session = sSLSocket.getSession();
        if (!hostnameVerifier.verify(httpHost.getHostName(), session)) {
            throw new SSLPeerUnverifiedException("Cannot verify hostname: " + httpHost);
        }
        Log.i(TAG, "Established " + session.getProtocol() + " connection with " + session.getPeerHost() + " using " + session.getCipherSuite());
        return sSLSocket;
    }

    @Override // ch.boye.httpclientandroidlib.conn.socket.LayeredConnectionSocketFactory
    public Socket createLayeredSocket(Socket socket, String str, int i, HttpContext httpContext) throws IOException, UnknownHostException {
        Log.wtf(TAG, "createLayeredSocket should never be called");
        return socket;
    }

    @Override // ch.boye.httpclientandroidlib.conn.socket.ConnectionSocketFactory
    public Socket createSocket(HttpContext httpContext) throws IOException {
        return sslSocketFactory.createSocket();
    }
}
