package com.microsoft.tfs.core.config.httpclient.internal;

import com.microsoft.tfs.core.httpclient.ConnectTimeoutException;
import com.microsoft.tfs.core.httpclient.params.HttpConnectionParams;
import com.microsoft.tfs.core.httpclient.protocol.SecureProtocolSocketFactory;
import com.microsoft.tfs.util.Check;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/com.microsoft.tfs.sdk-14.0.1.jar:com/microsoft/tfs/core/config/httpclient/internal/DefaultSSLProtocolSocketFactory.class */
public class DefaultSSLProtocolSocketFactory implements SecureProtocolSocketFactory {
    public static final String ACCEPT_UNTRUSTED_CERTIFICATES_PARAMETER = "DefaultSSLProtocolSocketFactory.acceptUntrustedCertificates";
    public static final String DISABLE_PROPERTY_NAME = "com.microsoft.tfs.core.config.httpclient.sslsocketfactory.disable";
    private static final Log log = LogFactory.getLog(DefaultSSLProtocolSocketFactory.class);
    private static final Object lock = new Object();
    private static SSLSocketFactory standardSocketFactory;
    private static SSLSocketFactory selfSignedSocketFactory;

    @Override // com.microsoft.tfs.core.httpclient.protocol.ProtocolSocketFactory
    public Socket createSocket(String str, int i, InetAddress inetAddress, int i2, HttpConnectionParams httpConnectionParams) throws IOException, UnknownHostException, ConnectTimeoutException {
        Check.notNull(httpConnectionParams, "params");
        int connectionTimeout = httpConnectionParams.getConnectionTimeout();
        Socket createSocket = getSocketFactory(httpConnectionParams).createSocket();
        createSocket.bind(new InetSocketAddress(inetAddress, i2));
        createSocket.connect(new InetSocketAddress(str, i), connectionTimeout);
        return createSocket;
    }

    @Override // com.microsoft.tfs.core.httpclient.protocol.SecureProtocolSocketFactory
    public Socket createSocket(Socket socket, String str, int i, HttpConnectionParams httpConnectionParams, boolean z) throws IOException, UnknownHostException {
        return getSocketFactory(httpConnectionParams).createSocket(socket, str, i, z);
    }

    private SSLSocketFactory getSocketFactory(HttpConnectionParams httpConnectionParams) {
        if (isEnabled()) {
            try {
                SSLSocketFactory selfSignedSocketFactory2 = httpConnectionParams.getBooleanParameter(ACCEPT_UNTRUSTED_CERTIFICATES_PARAMETER, false) ? getSelfSignedSocketFactory(httpConnectionParams) : getStandardSocketFactory(httpConnectionParams);
                if (selfSignedSocketFactory2 != null) {
                    return selfSignedSocketFactory2;
                }
            } catch (Exception e) {
                log.warn("Could not create SSL socket factory, falling back to default", e);
            }
        } else {
            log.info("SSLSocketFactory is disabled, falling back to system");
        }
        return (SSLSocketFactory) SSLSocketFactory.getDefault();
    }

    private boolean isEnabled() {
        return System.getProperty(DISABLE_PROPERTY_NAME) == null;
    }

    private SSLSocketFactory getStandardSocketFactory(HttpConnectionParams httpConnectionParams) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, CertificateException, IOException {
        SSLSocketFactory sSLSocketFactory;
        synchronized (lock) {
            if (standardSocketFactory == null) {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(null, new TrustManager[]{new DefaultX509TrustManager(null)}, null);
                standardSocketFactory = sSLContext.getSocketFactory();
            }
            sSLSocketFactory = standardSocketFactory;
        }
        return sSLSocketFactory;
    }

    private SSLSocketFactory getSelfSignedSocketFactory(HttpConnectionParams httpConnectionParams) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException {
        SSLSocketFactory sSLSocketFactory;
        synchronized (lock) {
            if (selfSignedSocketFactory == null) {
                SSLContext sSLContext = SSLContext.getInstance("SSL");
                sSLContext.init(null, new TrustManager[]{new SelfSignedX509TrustManager(null)}, null);
                selfSignedSocketFactory = sSLContext.getSocketFactory();
            }
            sSLSocketFactory = selfSignedSocketFactory;
        }
        return sSLSocketFactory;
    }
}
