package com.acompli.libcircle.net;

import com.acompli.libcircle.ClInterfaces;
import com.acompli.libcircle.log.Logger;
import com.acompli.libcircle.log.LoggerFactory;
import com.acompli.libcircle.metrics.EventBuilderAndLogger;
import com.acompli.libcircle.metrics.EventLogger;
import com.acompli.libcircle.util.StreamUtil;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.Socket;
import java.security.cert.CertificateEncodingException;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import okhttp3.internal.tls.OkHostnameVerifier;

/* loaded from: classes.dex */
public class SocketServerConnFactory implements ServerConnFactory {
    private static final Logger a = LoggerFactory.a("SocketServerConnFactory");
    private final ClInterfaces.ClConfig b;
    private final SSLSocketFactory c;
    private final EventLogger d;

    public SocketServerConnFactory(ClInterfaces.ClConfig clConfig, SSLSocketFactory sSLSocketFactory, EventLogger eventLogger) {
        this.b = clConfig;
        this.c = sSLSocketFactory;
        this.d = eventLogger;
    }

    private void a(SSLSocket sSLSocket) throws SSLException {
        if (OkHostnameVerifier.a.verify(this.b.d(), sSLSocket.getSession())) {
            return;
        }
        a.d("SSL handshake completed, but the server cert does not match the hostname");
        a.e("expected hostname: " + this.b.d());
        a.e("peer principal: " + sSLSocket.getSession().getPeerPrincipal().getName());
        EventBuilderAndLogger a2 = this.d.a("ssl_invalid_hostname").a("hostname", this.b.d()).a("peer_principal", sSLSocket.getSession().getPeerPrincipal().getName());
        try {
            String bigInteger = new BigInteger(sSLSocket.getSession().getPeerCertificates()[0].getEncoded()).toString(16);
            a.e("leaf cert: " + bigInteger);
            a2.a("leaf_cert", bigInteger);
        } catch (CertificateEncodingException e) {
            a.b("Failed to encode the offending leaf cert", e);
        }
        a2.b();
        throw new SSLException("Certificate is not valid for hostname " + this.b.d());
    }

    @Override // com.acompli.libcircle.net.ServerConnFactory
    public ServerConn a() throws IOException {
        a.c("Creating socket to " + this.b.d() + ":" + this.b.e());
        SSLSocket sSLSocket = null;
        InputStream inputStream = null;
        OutputStream outputStream = null;
        boolean z = false;
        try {
            sSLSocket = (SSLSocket) this.c.createSocket(this.b.d(), this.b.e());
            sSLSocket.startHandshake();
            sSLSocket.setKeepAlive(true);
            a(sSLSocket);
            inputStream = sSLSocket.getInputStream();
            outputStream = sSLSocket.getOutputStream();
            z = true;
            ServerConn serverConn = new ServerConn(sSLSocket, inputStream, outputStream, this.d);
            if (1 == 0) {
                StreamUtil.a(outputStream);
                StreamUtil.a(inputStream);
                StreamUtil.a((Socket) sSLSocket);
                this.b.k();
            } else {
                this.b.j();
            }
            return serverConn;
        } catch (Throwable th) {
            if (z) {
                this.b.j();
            } else {
                StreamUtil.a(outputStream);
                StreamUtil.a(inputStream);
                StreamUtil.a((Socket) sSLSocket);
                this.b.k();
            }
            throw th;
        }
    }
}
