package com.groupon.http;

import android.annotation.TargetApi;
import android.net.SSLCertificateSocketFactory;
import android.os.Build;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.apache.http.HttpHost;
import org.apache.http.conn.socket.LayeredConnectionSocketFactory;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.protocol.HttpContext;
import roboguice.util.Ln;

@TargetApi(17)
/* loaded from: classes.dex */
public class TlsSniSocketFactory implements LayeredConnectionSocketFactory {
    protected HostnameVerifier hostnameVerifier = new BrowserCompatHostnameVerifier();
    protected SSLCertificateSocketFactory sslSocketFactory = (SSLCertificateSocketFactory) SSLCertificateSocketFactory.getDefault(0);

    @Override // org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket connectSocket(int i, Socket socket, HttpHost httpHost, InetSocketAddress inetSocketAddress, InetSocketAddress inetSocketAddress2, HttpContext httpContext) throws IOException {
        socket.close();
        SSLSocket sSLSocket = (SSLSocket) this.sslSocketFactory.createSocket(inetSocketAddress.getAddress(), httpHost.getPort());
        setSniHostname(httpHost.getHostName(), sSLSocket);
        return sSLSocket;
    }

    @Override // org.apache.http.conn.socket.LayeredConnectionSocketFactory
    public Socket createLayeredSocket(Socket socket, String str, int i, HttpContext httpContext) throws IOException {
        SSLSocket sSLSocket = (SSLSocket) this.sslSocketFactory.createSocket(socket, str, i, true);
        setSniHostname(str, sSLSocket);
        return sSLSocket;
    }

    @Override // org.apache.http.conn.socket.ConnectionSocketFactory
    public Socket createSocket(HttpContext httpContext) throws IOException {
        return this.sslSocketFactory.createSocket();
    }

    protected void setSniHostname(String str, SSLSocket sSLSocket) throws SSLException {
        sSLSocket.setEnabledProtocols(sSLSocket.getSupportedProtocols());
        if (Build.VERSION.SDK_INT >= 17) {
            Ln.i("Using documented SNI with hostname: %s", str);
            this.sslSocketFactory.setHostname(sSLSocket, str);
        } else {
            Ln.i("Using undocumented SNI support on Android < 4.2 via reflection with hostname: %s", str);
            try {
                sSLSocket.getClass().getMethod("setHostname", String.class).invoke(sSLSocket, str);
            } catch (Exception e) {
                Ln.e(e, "Reflection failed, unable to use SNI", new Object[0]);
            }
        }
        verifyHostname(str, sSLSocket);
    }

    protected void verifyHostname(String str, SSLSocket sSLSocket) throws SSLException {
        SSLSession session = sSLSocket.getSession();
        if (session == null) {
            throw new SSLException("Cannot verify SSL socket without session");
        }
        if (!this.hostnameVerifier.verify(str, session)) {
            throw new SSLPeerUnverifiedException("Cannot verify hostname: " + str);
        }
        Ln.i("Established %s connection with %s using %s", session.getProtocol(), session.getPeerHost(), session.getCipherSuite());
    }
}
