package com.sleepycat.je.rep.utilint.net;

import com.sleepycat.je.rep.net.InstanceLogger;
import com.sleepycat.je.rep.net.InstanceParams;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import java.util.logging.Level;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:lib/je-6.4.9.jar:com/sleepycat/je/rep/utilint/net/SSLStdHostVerifier.class */
public class SSLStdHostVerifier implements HostnameVerifier {
    private final InstanceLogger logger;
    private static final int ALTNAME_DNS = 2;
    private static final int ALTNAME_IP = 7;

    public SSLStdHostVerifier(InstanceParams instanceParams) {
        this.logger = instanceParams.getContext().getLoggerFactory().getLogger(getClass());
    }

    @Override // javax.net.ssl.HostnameVerifier
    public boolean verify(String str, SSLSession sSLSession) {
        if (str == null) {
            return false;
        }
        try {
            Principal peerPrincipal = sSLSession.getPeerPrincipal();
            Certificate[] peerCertificates = sSLSession.getPeerCertificates();
            if (peerPrincipal != null && (peerPrincipal instanceof X500Principal) && str.equalsIgnoreCase(((X500Principal) peerPrincipal).getName("RFC1779"))) {
                return true;
            }
            if (!(peerCertificates[0] instanceof X509Certificate)) {
                return false;
            }
            X509Certificate x509Certificate = (X509Certificate) peerCertificates[0];
            Collection<List<?>> collection = null;
            try {
                collection = x509Certificate.getSubjectAlternativeNames();
            } catch (CertificateParsingException e) {
                this.logger.log(Level.INFO, "Unable to parse peer certificate: issuer = " + x509Certificate.getIssuerX500Principal() + ", serialNumber = " + x509Certificate.getSerialNumber());
            }
            if (collection == null) {
                return false;
            }
            for (List<?> list : collection) {
                int intValue = ((Integer) list.get(0)).intValue();
                if (intValue == 7 || intValue == 2) {
                    if (str.equals((String) list.get(1))) {
                        return true;
                    }
                }
            }
            return false;
        } catch (SSLPeerUnverifiedException e2) {
            return false;
        }
    }
}
