package com.evolveum.polygon.connector.ldap.connection;

import com.evolveum.polygon.common.GuardedStringAccessor;
import com.evolveum.polygon.connector.ldap.AbstractLdapConfiguration;
import com.evolveum.polygon.connector.ldap.ConnectionLog;
import com.evolveum.polygon.connector.ldap.ConnectorBinaryAttributeDetector;
import com.evolveum.polygon.connector.ldap.ErrorHandler;
import com.evolveum.polygon.connector.ldap.LdapUtil;
import com.evolveum.polygon.connector.ldap.schema.AbstractSchemaTranslator;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.function.Function;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.apache.commons.lang3.StringUtils;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.api.ldap.model.message.BindRequestImpl;
import org.apache.directory.api.ldap.model.message.LdapResult;
import org.apache.directory.api.ldap.model.message.ResultCodeEnum;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
import org.apache.directory.api.ldap.schema.manager.impl.DefaultSchemaManager;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.ldap.client.api.NoVerificationTrustManager;
import org.apache.directory.ldap.client.api.exception.LdapConnectionTimeOutException;
import org.apache.mina.transport.socket.DefaultSocketSessionConfig;
import org.identityconnectors.common.logging.Log;
import org.identityconnectors.common.security.GuardedString;
import org.identityconnectors.framework.common.exceptions.ConfigurationException;
import org.identityconnectors.framework.common.exceptions.ConnectionFailedException;
import org.identityconnectors.framework.common.objects.OperationOptions;

/* loaded from: input_file:com/evolveum/polygon/connector/ldap/connection/ServerConnectionPool.class */
public class ServerConnectionPool<C extends AbstractLdapConfiguration> {
    private static final Log LOG = Log.getLog(ServerConnectionPool.class);
    private final C configuration;
    private AbstractSchemaTranslator<C> schemaTranslator;
    private final ErrorHandler errorHandler;
    private final ConnectionLog connectionLog;
    private final List<ServerDefinition> servers = new ArrayList();
    private final ConnectorBinaryAttributeDetector<C> binaryAttributeDetector = new ConnectorBinaryAttributeDetector<>();

    public ServerConnectionPool(C c, ErrorHandler errorHandler, ConnectionLog connectionLog) {
        this.configuration = c;
        this.errorHandler = errorHandler;
        this.connectionLog = connectionLog;
    }

    public void setSchemaTranslator(AbstractSchemaTranslator<C> abstractSchemaTranslator) {
        this.schemaTranslator = abstractSchemaTranslator;
        this.binaryAttributeDetector.setSchemaTranslator(abstractSchemaTranslator);
        Iterator<ServerDefinition> it = this.servers.iterator();
        while (it.hasNext()) {
            it.next().applySchema(abstractSchemaTranslator);
        }
    }

    public void addServerDefinition(ServerDefinition serverDefinition) {
        if (!serverDefinition.isPrimary()) {
            this.servers.add(serverDefinition);
        } else {
            if (this.servers.size() > 0 && this.servers.get(0).isPrimary()) {
                throw new ConfigurationException("More than one primary server specified for base context " + serverDefinition.getBaseContext());
            }
            this.servers.add(0, serverDefinition);
        }
    }

    public List<ServerDefinition> getServers() {
        return this.servers;
    }

    public Dn getBaseContext() {
        return getPrimaryServer().getBaseContext();
    }

    public String getBaseContextString() {
        return getPrimaryServer().getBaseContextString();
    }

    public LdapNetworkConnection getConnection(OperationOptions operationOptions) {
        Iterator<ServerDefinition> it = this.servers.iterator();
        while (it.hasNext()) {
            it.next().resetAttempt();
        }
        long currentTimeMillis = System.currentTimeMillis();
        ConnectionFailedException connectionFailedException = null;
        ServerDefinition primaryServer = getPrimaryServer();
        if (primaryServer.isAvailable(currentTimeMillis)) {
            primaryServer.setAttempt();
            try {
                LdapNetworkConnection serverConnection = getServerConnection(primaryServer, operationOptions);
                setActiveServer(primaryServer);
                return serverConnection;
            } catch (ConnectionFailedException e) {
                connectionFailedException = e;
                LOG.ok("Failed to connect to primary server {0} for base context {1} (still trying other servers): {2}", new Object[]{primaryServer.shortDesc(), primaryServer.getBaseContext(), e.getMessage()});
                primaryServer.markDown(currentTimeMillis);
            }
        } else if (LOG.isOk()) {
            LOG.ok("Primary server {0} is not available, trying other servers", new Object[]{primaryServer.shortDesc()});
        }
        ServerDefinition activeServer = getActiveServer();
        if (activeServer != null && activeServer != primaryServer && activeServer.isAvailable(currentTimeMillis)) {
            activeServer.setAttempt();
            try {
                LdapNetworkConnection serverConnection2 = getServerConnection(activeServer, operationOptions);
                setActiveServer(activeServer);
                return serverConnection2;
            } catch (ConnectionFailedException e2) {
                connectionFailedException = e2;
                LOG.ok("Failed to connect to active server {0} for base context {1} (still trying other servers): {2}", new Object[]{activeServer.shortDesc(), activeServer.getBaseContext(), e2.getMessage()});
                activeServer.markDown(currentTimeMillis);
            }
        }
        for (ServerDefinition serverDefinition : this.servers) {
            if (!serverDefinition.wasAttempt() && serverDefinition.isAvailable(currentTimeMillis)) {
                serverDefinition.setAttempt();
                try {
                    LdapNetworkConnection serverConnection3 = getServerConnection(serverDefinition, operationOptions);
                    setActiveServer(serverDefinition);
                    return serverConnection3;
                } catch (ConnectionFailedException e3) {
                    connectionFailedException = e3;
                    LOG.ok("Failed to connect to server {0} for base context {1} (still trying other servers): {2}", new Object[]{serverDefinition.shortDesc(), serverDefinition.getBaseContext(), e3.getMessage()});
                    serverDefinition.markDown(currentTimeMillis);
                }
            }
        }
        for (ServerDefinition serverDefinition2 : this.servers) {
            if (!serverDefinition2.wasAttempt()) {
                serverDefinition2.setAttempt();
                try {
                    LdapNetworkConnection serverConnection4 = getServerConnection(serverDefinition2, operationOptions);
                    setActiveServer(serverDefinition2);
                    return serverConnection4;
                } catch (ConnectionFailedException e4) {
                    connectionFailedException = e4;
                    LOG.ok("Failed to connect to server {0} for base context {1} (desperate attempt): {2}", new Object[]{serverDefinition2.shortDesc(), serverDefinition2.getBaseContext(), e4.getMessage()});
                }
            }
        }
        throw connectionFailedException;
    }

    private ServerDefinition findServerDefinition(LdapNetworkConnection ldapNetworkConnection) {
        if (ldapNetworkConnection == null) {
            return null;
        }
        for (ServerDefinition serverDefinition : this.servers) {
            if (serverDefinition.getConnection() == ldapNetworkConnection) {
                return serverDefinition;
            }
        }
        return null;
    }

    public boolean isServerConnection(LdapNetworkConnection ldapNetworkConnection) {
        return findServerDefinition(ldapNetworkConnection) != null;
    }

    public ServerDefinition getPrimaryServer() {
        return this.servers.get(0);
    }

    private ServerDefinition getActiveServer() {
        for (ServerDefinition serverDefinition : this.servers) {
            if (serverDefinition.isActive()) {
                return serverDefinition;
            }
        }
        return null;
    }

    private void setActiveServer(ServerDefinition serverDefinition) {
        for (ServerDefinition serverDefinition2 : this.servers) {
            if (serverDefinition2 == serverDefinition) {
                serverDefinition2.setActive(true);
            } else {
                serverDefinition2.setActive(false);
            }
        }
    }

    private LdapNetworkConnection getServerConnection(ServerDefinition serverDefinition, OperationOptions operationOptions) {
        if (needsSpecialConnection(operationOptions)) {
            return createSpecialConnection(serverDefinition, operationOptions);
        }
        if (!serverDefinition.isConnected()) {
            connectServer(serverDefinition);
        }
        return serverDefinition.getConnection();
    }

    public LdapNetworkConnection getConnectionReconnect(LdapNetworkConnection ldapNetworkConnection, OperationOptions operationOptions, Exception exc) {
        ServerDefinition findServerDefinition = findServerDefinition(ldapNetworkConnection);
        if (findServerDefinition == null) {
            throw new IllegalStateException("No server for connection, probably a connector bug");
        }
        String str = "unknown reason";
        if (exc != null) {
            str = "reconnect due to " + exc.getClass().getSimpleName();
            LOG.ok("Reconnecting server {0} due to {1}: {2}", new Object[]{findServerDefinition, str, exc.getMessage()});
        } else {
            LOG.ok("Reconnecting server {0} due to unknown reason", new Object[]{findServerDefinition});
        }
        if (findServerDefinition.isConnected()) {
            closeServerConnection(findServerDefinition, str, exc);
        }
        try {
            return getServerConnection(findServerDefinition, operationOptions);
        } catch (ConnectionFailedException e) {
            LOG.ok("Cannot reconnect to the same server {0}, trying other servers", new Object[]{findServerDefinition});
            return getConnection(operationOptions);
        }
    }

    public LdapNetworkConnection getRandomConnection() {
        return getServerConnection(selectRandomServer(), null);
    }

    private ServerDefinition selectRandomServer() {
        return (ServerDefinition) LdapUtil.selectRandomItem(this.servers);
    }

    public void close(String str) {
        Iterator<ServerDefinition> it = this.servers.iterator();
        while (it.hasNext()) {
            closeServerConnection(it.next(), str, null);
        }
    }

    private void closeServerConnection(ServerDefinition serverDefinition, String str, Exception exc) {
        if (serverDefinition.getConnection() == null) {
            LOG.ok("Not closing connection {0} because there is no connection", new Object[]{serverDefinition});
            return;
        }
        try {
            unbindIfNeeded(serverDefinition, serverDefinition.getConnection(), exc);
            LOG.ok("Closing connection {0}", new Object[]{serverDefinition});
            serverDefinition.getConnection().close();
            this.connectionLog.success(serverDefinition, "close", str);
        } catch (IOException e) {
            if (exc == null) {
                LOG.error("Error closing connection {0}: {1}", new Object[]{serverDefinition, e.getMessage(), e});
                this.connectionLog.errorTagged(serverDefinition, "close", e, "ignored", str);
            } else {
                LOG.info("Error closing connection {0} while reconnecting: {1}", new Object[]{serverDefinition, e.getMessage()});
                this.connectionLog.errorTagged(serverDefinition, "close", e, "reconnect,ignored", str);
            }
        }
        serverDefinition.setConnection(null);
    }

    private void unbindIfNeeded(ServerDefinition serverDefinition, LdapNetworkConnection ldapNetworkConnection, Exception exc) throws IOException {
        if (isUnbindNeeded(ldapNetworkConnection, exc)) {
            try {
                LOG.ok("Unbinding connection {0}", new Object[]{LdapUtil.formatConnectionInfo(ldapNetworkConnection)});
                ldapNetworkConnection.unBind();
                this.connectionLog.success(serverDefinition, "unbind");
            } catch (LdapException e) {
                this.connectionLog.errorTagged(serverDefinition, "unbind", e, "ignored");
                LOG.warn("Unbind operation failed on {0} (ignoring): {1}", new Object[]{LdapUtil.formatConnectionInfo(ldapNetworkConnection), e.getMessage()});
            }
        }
    }

    private boolean isUnbindNeeded(LdapNetworkConnection ldapNetworkConnection, Exception exc) {
        if (ldapNetworkConnection == null || !this.configuration.isUseUnbind() || !ldapNetworkConnection.isConnected()) {
            return false;
        }
        if (exc == null || !(exc instanceof LdapConnectionTimeOutException)) {
            return true;
        }
        LOG.ok("Skipping unbind on connection {0} due to previous timeout ({1})", new Object[]{LdapUtil.formatConnectionInfo(ldapNetworkConnection), exc.getMessage()});
        return false;
    }

    private LdapConnectionConfig createLdapConnectionConfig(ServerDefinition serverDefinition) {
        LdapConnectionConfig ldapConnectionConfig = new LdapConnectionConfig();
        ldapConnectionConfig.setLdapHost(serverDefinition.getHost());
        ldapConnectionConfig.setLdapPort(serverDefinition.getPort());
        ldapConnectionConfig.setTimeout(serverDefinition.getTimeout().longValue());
        ldapConnectionConfig.setConnectTimeout(serverDefinition.getConnectTimeout());
        ldapConnectionConfig.setWriteOperationTimeout(serverDefinition.getWriteOperationTimeout());
        ldapConnectionConfig.setReadOperationTimeout(serverDefinition.getReadOperationTimeout());
        ldapConnectionConfig.setCloseTimeout(serverDefinition.getCloseTimeout());
        ldapConnectionConfig.setSendTimeout(serverDefinition.getSendTimeout());
        String connectionSecurity = serverDefinition.getConnectionSecurity();
        if (connectionSecurity != null && !"none".equals(connectionSecurity)) {
            if (AbstractLdapConfiguration.CONNECTION_SECURITY_SSL.equals(connectionSecurity)) {
                ldapConnectionConfig.setUseSsl(true);
                ldapConnectionConfig.setTrustManagers(createTrustManager());
            } else {
                if (!AbstractLdapConfiguration.CONNECTION_SECURITY_STARTTLS.equals(connectionSecurity)) {
                    throw new ConfigurationException("Unknown value for connectionSecurity: " + connectionSecurity);
                }
                ldapConnectionConfig.setUseTls(true);
                ldapConnectionConfig.setTrustManagers(createTrustManager());
            }
        }
        String[] enabledSecurityProtocols = this.configuration.getEnabledSecurityProtocols();
        if (enabledSecurityProtocols != null) {
            ldapConnectionConfig.setEnabledProtocols(enabledSecurityProtocols);
        }
        String[] enabledCipherSuites = this.configuration.getEnabledCipherSuites();
        if (enabledCipherSuites != null) {
            ldapConnectionConfig.setEnabledCipherSuites(enabledCipherSuites);
        }
        String sslProtocol = this.configuration.getSslProtocol();
        if (sslProtocol != null) {
            ldapConnectionConfig.setSslProtocol(sslProtocol);
        }
        ldapConnectionConfig.setBinaryAttributeDetector(this.binaryAttributeDetector);
        return ldapConnectionConfig;
    }

    public LdapNetworkConnection connectServer(ServerDefinition serverDefinition) {
        if (serverDefinition.getConnection() != null) {
            closeServerConnection(serverDefinition, "strange close/open", new RuntimeException("old connection open while creating new connection"));
        }
        LdapNetworkConnection connectConnection = connectConnection(serverDefinition, createLdapConnectionConfig(serverDefinition), this.configuration.getBindDn());
        try {
            bind(connectConnection, serverDefinition);
            serverDefinition.setConnection(connectConnection);
            return connectConnection;
        } catch (RuntimeException e) {
            closeServerConnection(serverDefinition, "failed bind", e);
            throw new ConnectionFailedException(e.getMessage(), e);
        }
    }

    private TrustManager[] createTrustManager() {
        if (this.configuration.isAllowUntrustedSsl()) {
            return new TrustManager[]{new NoVerificationTrustManager()};
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init((KeyStore) null);
            return trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            LOG.error("Error creating trust manager: {0}", new Object[]{e});
            throw new ConnectionFailedException("Unable to create trust manager.");
        }
    }

    private LdapNetworkConnection connectConnection(ServerDefinition serverDefinition, LdapConnectionConfig ldapConnectionConfig, String str) {
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(ldapConnectionConfig);
        if (this.configuration.isTcpKeepAlive()) {
            DefaultSocketSessionConfig defaultSocketSessionConfig = new DefaultSocketSessionConfig();
            defaultSocketSessionConfig.setKeepAlive(this.configuration.isTcpKeepAlive());
            ldapNetworkConnection.setSocketSessionConfig(defaultSocketSessionConfig);
        }
        try {
            LOG.info("Connecting to {0}:{1} as {2}", new Object[]{ldapConnectionConfig.getLdapHost(), Integer.valueOf(ldapConnectionConfig.getLdapPort()), str});
            if (LOG.isOk()) {
                Object obj = "none";
                if (ldapConnectionConfig.isUseSsl()) {
                    obj = AbstractLdapConfiguration.CONNECTION_SECURITY_SSL;
                } else if (ldapConnectionConfig.isUseTls()) {
                    obj = "tls";
                }
                LOG.ok("Connection security: {0} (sslProtocol={1}, enabledSecurityProtocols={2}, enabledCipherSuites={3}", new Object[]{obj, ldapConnectionConfig.getSslProtocol(), ldapConnectionConfig.getEnabledProtocols(), ldapConnectionConfig.getEnabledCipherSuites()});
                LOG.ok("Connection networking parameters: timeout={0}, keepalive={1}", new Object[]{this.configuration.getConnectTimeout(), Boolean.valueOf(this.configuration.isTcpKeepAlive())});
            }
            boolean connect = ldapNetworkConnection.connect();
            LOG.ok("Connected ({0})", new Object[]{Boolean.valueOf(connect)});
            if (this.connectionLog.isSuccess()) {
                this.connectionLog.success(ldapNetworkConnection, "connect", ldapConnectionConfig.getLdapHost() + ":" + ldapConnectionConfig.getLdapPort());
            }
            if (connect) {
                return ldapNetworkConnection;
            }
            this.connectionLog.error(ldapNetworkConnection, "connect", "Not connected after connect", ldapConnectionConfig.getLdapHost() + ":" + ldapConnectionConfig.getLdapPort());
            throw new ConnectionFailedException("Unable to connect to LDAP server " + this.configuration.getHost() + ":" + this.configuration.getPort() + " due to unknown reasons");
        } catch (LdapException e) {
            this.connectionLog.error(ldapNetworkConnection, "connect", e, ldapConnectionConfig.getLdapHost() + ":" + ldapConnectionConfig.getLdapPort());
            try {
                ldapNetworkConnection.close();
            } catch (Exception e2) {
                this.connectionLog.error(ldapNetworkConnection, "close", "close after connect failure: " + e2.getMessage(), ldapConnectionConfig.getLdapHost() + ":" + ldapConnectionConfig.getLdapPort());
                LOG.error("Error closing connection (handling error during creation of a new connection): {1}", new Object[]{e2.getMessage(), e2});
            }
            throw new ConnectionFailedException(this.errorHandler.processLdapException("Unable to connect to LDAP server " + this.configuration.getHost() + ":" + this.configuration.getPort(), e).getMessage(), e);
        }
    }

    private void bind(LdapNetworkConnection ldapNetworkConnection, ServerDefinition serverDefinition) {
        bind(ldapNetworkConnection, serverDefinition, serverDefinition.getBindDn(), serverDefinition.getBindPassword());
    }

    private void bind(LdapNetworkConnection ldapNetworkConnection, ServerDefinition serverDefinition, String str, GuardedString guardedString) {
        final BindRequestImpl bindRequestImpl = new BindRequestImpl();
        try {
            bindRequestImpl.setDn(new Dn(createBindSchemaManager(), str));
            if (guardedString != null) {
                guardedString.access(new GuardedStringAccessor() { // from class: com.evolveum.polygon.connector.ldap.connection.ServerConnectionPool.1
                    @Override // com.evolveum.polygon.common.GuardedStringAccessor
                    public void access(char[] cArr) {
                        bindRequestImpl.setCredentials(new String(cArr));
                    }
                });
            }
            try {
                LdapResult ldapResult = ldapNetworkConnection.bind(bindRequestImpl).getLdapResult();
                if (ldapResult.getResultCode() != ResultCodeEnum.SUCCESS) {
                    this.connectionLog.error(ldapNetworkConnection, AbstractLdapConfiguration.RUN_AS_STRATEGY_BIND, ldapResult, str);
                    throw new ConnectionFailedException(this.errorHandler.processLdapResult("Unable to bind to LDAP server " + ldapNetworkConnection.getConfig().getLdapHost() + ":" + ldapNetworkConnection.getConfig().getLdapPort() + " as " + str, ldapResult).getMessage());
                }
                LOG.info("Bound to {0}:{1} as {2}: {3} ({4})", new Object[]{ldapNetworkConnection.getConfig().getLdapHost(), Integer.valueOf(ldapNetworkConnection.getConfig().getLdapPort()), str, ldapResult.getDiagnosticMessage(), ldapResult.getResultCode()});
                this.connectionLog.success(ldapNetworkConnection, AbstractLdapConfiguration.RUN_AS_STRATEGY_BIND, str);
            } catch (LdapException e) {
                throw new ConnectionFailedException(this.errorHandler.processLdapException("Unable to bind to LDAP server " + ldapNetworkConnection.getConfig().getLdapHost() + ":" + ldapNetworkConnection.getConfig().getLdapPort() + " as " + str, e).getMessage(), e);
            }
        } catch (LdapInvalidDnException e2) {
            throw new ConfigurationException("bindDn is not in DN format (server " + serverDefinition + "): " + e2.getMessage(), e2);
        }
    }

    private SchemaManager createBindSchemaManager() {
        if (this.schemaTranslator != null && this.schemaTranslator.getSchemaManager() != null) {
            return this.schemaTranslator.getSchemaManager();
        }
        DefaultSchemaManager defaultSchemaManager = new DefaultSchemaManager(new ArrayList(0));
        defaultSchemaManager.setRelaxed();
        return defaultSchemaManager;
    }

    private boolean needsSpecialConnection(OperationOptions operationOptions) {
        if (operationOptions == null || operationOptions.getRunAsUser() == null) {
            return false;
        }
        String runAsStrategy = this.configuration.getRunAsStrategy();
        boolean z = -1;
        switch (runAsStrategy.hashCode()) {
            case 3023933:
                if (runAsStrategy.equals(AbstractLdapConfiguration.RUN_AS_STRATEGY_BIND)) {
                    z = true;
                    break;
                }
                break;
            case 3387192:
                if (runAsStrategy.equals("none")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                LOG.ok("runAsUser option present, but runAsStrategy set to none, ignoring the option", new Object[0]);
                return false;
            case true:
                if (operationOptions.getRunWithPassword() != null) {
                    return true;
                }
                LOG.ok("runAsUser option present, but runWithPassword NOT present, ignoring the option", new Object[0]);
                return false;
            default:
                throw new IllegalArgumentException("Unknown runAsStrategy: " + this.configuration.getRunAsStrategy());
        }
    }

    private LdapNetworkConnection createSpecialConnection(ServerDefinition serverDefinition, OperationOptions operationOptions) {
        String runAsStrategy = this.configuration.getRunAsStrategy();
        boolean z = -1;
        switch (runAsStrategy.hashCode()) {
            case 3023933:
                if (runAsStrategy.equals(AbstractLdapConfiguration.RUN_AS_STRATEGY_BIND)) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return createSpecialConnectionBind(serverDefinition, operationOptions);
            default:
                throw new IllegalArgumentException("Internal error with runAsStrategy " + this.configuration.getRunAsStrategy());
        }
    }

    private LdapNetworkConnection createSpecialConnectionBind(ServerDefinition serverDefinition, OperationOptions operationOptions) {
        String runAsUser = operationOptions.getRunAsUser();
        GuardedString runWithPassword = operationOptions.getRunWithPassword();
        LdapConnectionConfig createLdapConnectionConfig = createLdapConnectionConfig(serverDefinition);
        LOG.ok("Connecting to server {0} as user {1} (runAs)", new Object[]{createLdapConnectionConfig.getLdapHost(), runAsUser});
        LdapNetworkConnection connectConnection = connectConnection(serverDefinition, createLdapConnectionConfig, runAsUser);
        try {
            bind(connectConnection, serverDefinition, runAsUser, runWithPassword);
            return connectConnection;
        } catch (RuntimeException e) {
            closeServerConnection(serverDefinition, "failed bind", e);
            throw e;
        }
    }

    public void returnConnection(LdapNetworkConnection ldapNetworkConnection) {
        if (ldapNetworkConnection == null || isServerConnection(ldapNetworkConnection)) {
            return;
        }
        try {
            unbindIfNeeded(null, ldapNetworkConnection, null);
            ldapNetworkConnection.close();
            this.connectionLog.success(ldapNetworkConnection, "close");
        } catch (Exception e) {
            LOG.error("Error closing special connection: {0}", new Object[]{e.getMessage(), e});
            this.connectionLog.errorTagged(ldapNetworkConnection, "close", e, "ignored");
        }
    }

    public LdapNetworkConnection reconnect(LdapNetworkConnection ldapNetworkConnection, Exception exc) {
        LOG.warn("Reconnecting connection {0}, reason: {1}", new Object[]{LdapUtil.formatConnectionInfo(ldapNetworkConnection), exc});
        ServerDefinition findServerDefinition = findServerDefinition(ldapNetworkConnection);
        closeServerConnection(findServerDefinition, exc != null ? "reconnect due to " + exc.getClass().getSimpleName() : "unspecified reconnect", exc);
        connectServer(findServerDefinition);
        return findServerDefinition.getConnection();
    }

    public <T> T brutalSearch(Function<LdapNetworkConnection, T> function) {
        Iterator<ServerDefinition> it = this.servers.iterator();
        while (it.hasNext()) {
            T apply = function.apply(getServerConnection(it.next(), null));
            if (apply != null) {
                return apply;
            }
        }
        return null;
    }

    public String dump() {
        StringBuilder sb = new StringBuilder();
        dump(sb);
        return sb.toString();
    }

    public void dump(StringBuilder sb) {
        sb.append("POOL ").append(getBaseContextString()).append(StringUtils.LF);
        Iterator<ServerDefinition> it = this.servers.iterator();
        while (it.hasNext()) {
            ServerDefinition next = it.next();
            sb.append("  ");
            next.dump(sb);
            if (it.hasNext()) {
                sb.append(StringUtils.LF);
            }
        }
    }

    public String shortDesc() {
        return getBaseContext() + " (" + this.servers.size() + " servers)";
    }
}
