package org.opends.server.protocols.ldap;

import java.net.InetAddress;
import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicLong;
import java.util.concurrent.locks.ReentrantLock;
import org.opends.server.api.ClientConnection;
import org.opends.server.api.ConnectionHandler;
import org.opends.server.api.ConnectionSecurityProvider;
import org.opends.server.core.AbandonOperationBasis;
import org.opends.server.core.AddOperationBasis;
import org.opends.server.core.BindOperationBasis;
import org.opends.server.core.CompareOperationBasis;
import org.opends.server.core.DeleteOperationBasis;
import org.opends.server.core.DirectoryServer;
import org.opends.server.core.ExtendedOperationBasis;
import org.opends.server.core.ModifyDNOperationBasis;
import org.opends.server.core.ModifyOperationBasis;
import org.opends.server.core.PersistentSearch;
import org.opends.server.core.SearchOperation;
import org.opends.server.core.SearchOperationBasis;
import org.opends.server.core.UnbindOperationBasis;
import org.opends.server.extensions.NullConnectionSecurityProvider;
import org.opends.server.extensions.TLSCapableConnection;
import org.opends.server.extensions.TLSConnectionSecurityProvider;
import org.opends.server.loggers.AccessLogger;
import org.opends.server.loggers.ErrorLogger;
import org.opends.server.loggers.debug.DebugLogger;
import org.opends.server.loggers.debug.DebugTracer;
import org.opends.server.messages.MessageHandler;
import org.opends.server.messages.ProtocolMessages;
import org.opends.server.plugins.profiler.ProfilerPlugin;
import org.opends.server.protocols.asn1.ASN1Element;
import org.opends.server.protocols.asn1.ASN1OctetString;
import org.opends.server.protocols.asn1.ASN1Sequence;
import org.opends.server.protocols.internal.InternalClientConnection;
import org.opends.server.types.AbstractOperation;
import org.opends.server.types.CancelRequest;
import org.opends.server.types.CancelResult;
import org.opends.server.types.Control;
import org.opends.server.types.DN;
import org.opends.server.types.DebugLogLevel;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.DisconnectReason;
import org.opends.server.types.ErrorLogCategory;
import org.opends.server.types.ErrorLogSeverity;
import org.opends.server.types.IntermediateResponse;
import org.opends.server.types.Operation;
import org.opends.server.types.ResultCode;
import org.opends.server.types.SearchResultEntry;
import org.opends.server.types.SearchResultReference;
import org.opends.server.util.StaticUtils;
import org.opends.server.util.TimeThread;

/* loaded from: input_file:org/opends/server/protocols/ldap/LDAPClientConnection.class */
public class LDAPClientConnection extends ClientConnection implements TLSCapableConnection {
    private static final DebugTracer TRACER = DebugLogger.getTracer();
    private boolean keepStats;
    private int clientPort;
    private int serverPort;
    private LDAPConnectionHandler connectionHandler;
    private LDAPStatistics statTracker;
    private long connectionID;
    private SocketChannel clientChannel;
    private String clientAddress;
    private String serverAddress;
    private TLSConnectionSecurityProvider tlsSecurityProvider;
    private ConnectionSecurityProvider securityProvider = null;
    private ConnectionSecurityProvider clearSecurityProvider = null;
    private ReentrantLock opsInProgressLock = new ReentrantLock();
    private ReentrantLock transmitLock = new ReentrantLock();
    private int elementReadState = 0;
    private byte elementType = 0;
    private int elementLength = 0;
    private int elementLengthBytesNeeded = 0;
    private byte[] elementValue = null;
    private int elementValueBytesRead = 0;
    private int elementValueBytesNeeded = 0;
    private int ldapVersion = 3;
    private LDAPRequestHandler requestHandler = null;
    private AtomicLong lastCompletionTime = new AtomicLong(TimeThread.getTime());
    private AtomicLong nextOperationID = new AtomicLong(0);
    private boolean connectionValid = true;
    private boolean disconnectRequested = false;
    private ConcurrentHashMap<Integer, AbstractOperation> operationsInProgress = new ConcurrentHashMap<>();
    private String protocol = "LDAP";

    public LDAPClientConnection(LDAPConnectionHandler lDAPConnectionHandler, SocketChannel socketChannel) {
        this.connectionHandler = lDAPConnectionHandler;
        this.clientChannel = socketChannel;
        this.keepStats = lDAPConnectionHandler.keepStats();
        this.clientAddress = socketChannel.socket().getInetAddress().getHostAddress();
        this.clientPort = socketChannel.socket().getPort();
        this.serverAddress = socketChannel.socket().getLocalAddress().getHostAddress();
        this.serverPort = socketChannel.socket().getLocalPort();
        LDAPStatistics statTracker = lDAPConnectionHandler.getStatTracker();
        this.statTracker = new LDAPStatistics(statTracker.getMonitorInstanceName() + " for " + toString(), statTracker);
        if (this.keepStats) {
            this.statTracker.updateConnect();
        }
        this.connectionID = DirectoryServer.newConnectionAccepted(this);
        if (this.connectionID < 0) {
            disconnect(DisconnectReason.ADMIN_LIMIT_EXCEEDED, true, ProtocolMessages.MSGID_LDAP_CONNHANDLER_REJECTED_BY_SERVER, new Object[0]);
        }
    }

    @Override // org.opends.server.api.ClientConnection
    public long getConnectionID() {
        return this.connectionID;
    }

    @Override // org.opends.server.api.ClientConnection
    public ConnectionHandler getConnectionHandler() {
        return this.connectionHandler;
    }

    public LDAPRequestHandler getRequestHandler() {
        return this.requestHandler;
    }

    public void setRequestHandler(LDAPRequestHandler lDAPRequestHandler) {
        this.requestHandler = lDAPRequestHandler;
    }

    public SocketChannel getSocketChannel() {
        return this.clientChannel;
    }

    @Override // org.opends.server.api.ClientConnection
    public String getProtocol() {
        return this.protocol;
    }

    @Override // org.opends.server.api.ClientConnection
    public String getClientAddress() {
        return this.clientAddress;
    }

    public int getClientPort() {
        return this.clientPort;
    }

    public String getClientHostPort() {
        return this.clientAddress + ":" + this.clientPort;
    }

    @Override // org.opends.server.api.ClientConnection
    public String getServerAddress() {
        return this.serverAddress;
    }

    public int getServerPort() {
        return this.serverPort;
    }

    public String getServerHostPort() {
        return this.serverAddress + ":" + this.serverPort;
    }

    @Override // org.opends.server.api.ClientConnection
    public InetAddress getRemoteAddress() {
        return this.clientChannel.socket().getInetAddress();
    }

    @Override // org.opends.server.api.ClientConnection
    public InetAddress getLocalAddress() {
        return this.clientChannel.socket().getLocalAddress();
    }

    @Override // org.opends.server.api.ClientConnection
    public boolean isSecure() {
        return this.securityProvider.isSecure();
    }

    @Override // org.opends.server.api.ClientConnection
    public ConnectionSecurityProvider getConnectionSecurityProvider() {
        return this.securityProvider;
    }

    @Override // org.opends.server.api.ClientConnection
    public void setConnectionSecurityProvider(ConnectionSecurityProvider connectionSecurityProvider) {
        this.securityProvider = connectionSecurityProvider;
        if (connectionSecurityProvider.isSecure()) {
            this.protocol = "LDAP+" + connectionSecurityProvider.getSecurityMechanismName();
        } else {
            this.protocol = "LDAP";
        }
    }

    @Override // org.opends.server.api.ClientConnection
    public String getSecurityMechanism() {
        return this.securityProvider.getSecurityMechanismName();
    }

    public long nextOperationID() {
        return this.nextOperationID.getAndIncrement();
    }

    @Override // org.opends.server.api.ClientConnection
    public void sendResponse(Operation operation) {
        removeOperationInProgress(operation.getMessageID());
        LDAPMessage operationToResponseLDAPMessage = operationToResponseLDAPMessage(operation);
        if (operationToResponseLDAPMessage != null) {
            sendLDAPMessage(this.securityProvider, operationToResponseLDAPMessage);
        }
    }

    private LDAPMessage operationToResponseLDAPMessage(Operation operation) {
        List<String> referralURLs;
        ProtocolOp searchResultDoneProtocolOp;
        ArrayList arrayList;
        ResultCode resultCode = operation.getResultCode();
        if (resultCode == null) {
            ErrorLogger.logError(ErrorLogCategory.REQUEST_HANDLING, ErrorLogSeverity.MILD_ERROR, ProtocolMessages.MSGID_LDAP_CLIENT_SEND_RESPONSE_NO_RESULT_CODE, operation.getOperationType().toString(), Long.valueOf(operation.getConnectionID()), Long.valueOf(operation.getOperationID()));
            resultCode = DirectoryServer.getServerErrorResultCode();
        }
        StringBuilder errorMessage = operation.getErrorMessage();
        DN matchedDN = operation.getMatchedDN();
        if (this.ldapVersion == 2) {
            referralURLs = null;
            if (resultCode == ResultCode.REFERRAL) {
                resultCode = ResultCode.CONSTRAINT_VIOLATION;
                errorMessage.append(MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_REFERRAL_RESULT_CHANGED));
            }
            List<String> referralURLs2 = operation.getReferralURLs();
            if (referralURLs2 != null && !referralURLs2.isEmpty()) {
                StringBuilder sb = new StringBuilder();
                Iterator<String> it = referralURLs2.iterator();
                sb.append(it.next());
                while (it.hasNext()) {
                    sb.append(", ");
                    sb.append(it.next());
                }
                errorMessage.append(MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_REFERRALS_OMITTED, String.valueOf(sb)));
            }
        } else {
            referralURLs = operation.getReferralURLs();
        }
        switch (operation.getOperationType()) {
            case ADD:
                searchResultDoneProtocolOp = new AddResponseProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs);
                break;
            case BIND:
                searchResultDoneProtocolOp = new BindResponseProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs, ((BindOperationBasis) operation).getServerSASLCredentials());
                break;
            case COMPARE:
                searchResultDoneProtocolOp = new CompareResponseProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs);
                break;
            case DELETE:
                searchResultDoneProtocolOp = new DeleteResponseProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs);
                break;
            case EXTENDED:
                if (this.ldapVersion != 2) {
                    ExtendedOperationBasis extendedOperationBasis = (ExtendedOperationBasis) operation;
                    searchResultDoneProtocolOp = new ExtendedResponseProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs, extendedOperationBasis.getResponseOID(), extendedOperationBasis.getResponseValue());
                    break;
                } else {
                    ErrorLogger.logError(ErrorLogCategory.REQUEST_HANDLING, ErrorLogSeverity.MILD_WARNING, ProtocolMessages.MSGID_LDAPV2_SKIPPING_EXTENDED_RESPONSE, Long.valueOf(getConnectionID()), String.valueOf(operation));
                    return null;
                }
            case MODIFY:
                searchResultDoneProtocolOp = new ModifyResponseProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs);
                break;
            case MODIFY_DN:
                searchResultDoneProtocolOp = new ModifyDNResponseProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs);
                break;
            case SEARCH:
                searchResultDoneProtocolOp = new SearchResultDoneProtocolOp(resultCode.getIntValue(), errorMessage.toString(), matchedDN, referralURLs);
                break;
            default:
                ErrorLogger.logError(ErrorLogCategory.REQUEST_HANDLING, ErrorLogSeverity.MILD_ERROR, ProtocolMessages.MSGID_LDAP_CLIENT_SEND_RESPONSE_INVALID_OP, String.valueOf(operation));
                return null;
        }
        if (this.ldapVersion == 2) {
            arrayList = null;
        } else {
            List<Control> responseControls = operation.getResponseControls();
            if (responseControls == null || responseControls.isEmpty()) {
                arrayList = null;
            } else {
                arrayList = new ArrayList(responseControls.size());
                Iterator<Control> it2 = responseControls.iterator();
                while (it2.hasNext()) {
                    arrayList.add(new LDAPControl(it2.next()));
                }
            }
        }
        return new LDAPMessage(operation.getMessageID(), searchResultDoneProtocolOp, arrayList);
    }

    @Override // org.opends.server.api.ClientConnection
    public void sendSearchEntry(SearchOperation searchOperation, SearchResultEntry searchResultEntry) {
        ArrayList arrayList;
        SearchResultEntryProtocolOp searchResultEntryProtocolOp = new SearchResultEntryProtocolOp(searchResultEntry);
        List<Control> controls = searchResultEntry.getControls();
        if (controls == null || controls.isEmpty()) {
            arrayList = null;
        } else {
            arrayList = new ArrayList(controls.size());
            Iterator<Control> it = controls.iterator();
            while (it.hasNext()) {
                arrayList.add(new LDAPControl(it.next()));
            }
        }
        sendLDAPMessage(this.securityProvider, new LDAPMessage(searchOperation.getMessageID(), searchResultEntryProtocolOp, arrayList));
    }

    @Override // org.opends.server.api.ClientConnection
    public boolean sendSearchReference(SearchOperation searchOperation, SearchResultReference searchResultReference) {
        ArrayList arrayList;
        if (this.ldapVersion == 2) {
            ErrorLogger.logError(ErrorLogCategory.REQUEST_HANDLING, ErrorLogSeverity.MILD_WARNING, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_SKIPPING_SEARCH_REFERENCE, Long.valueOf(getConnectionID()), Long.valueOf(searchOperation.getOperationID()), String.valueOf(searchResultReference)), ProtocolMessages.MSGID_LDAPV2_SKIPPING_SEARCH_REFERENCE);
            return false;
        }
        SearchResultReferenceProtocolOp searchResultReferenceProtocolOp = new SearchResultReferenceProtocolOp(searchResultReference);
        List<Control> controls = searchResultReference.getControls();
        if (controls == null || controls.isEmpty()) {
            arrayList = null;
        } else {
            arrayList = new ArrayList(controls.size());
            Iterator<Control> it = controls.iterator();
            while (it.hasNext()) {
                arrayList.add(new LDAPControl(it.next()));
            }
        }
        sendLDAPMessage(this.securityProvider, new LDAPMessage(searchOperation.getMessageID(), searchResultReferenceProtocolOp, arrayList));
        return true;
    }

    @Override // org.opends.server.api.ClientConnection
    protected boolean sendIntermediateResponseMessage(IntermediateResponse intermediateResponse) {
        IntermediateResponseProtocolOp intermediateResponseProtocolOp = new IntermediateResponseProtocolOp(intermediateResponse.getOID(), intermediateResponse.getValue());
        Operation operation = intermediateResponse.getOperation();
        List<Control> controls = intermediateResponse.getControls();
        ArrayList arrayList = new ArrayList(controls.size());
        Iterator<Control> it = controls.iterator();
        while (it.hasNext()) {
            arrayList.add(new LDAPControl(it.next()));
        }
        sendLDAPMessage(this.securityProvider, new LDAPMessage(operation.getMessageID(), intermediateResponseProtocolOp, arrayList));
        return this.connectionValid;
    }

    public void sendLDAPMessage(ConnectionSecurityProvider connectionSecurityProvider, LDAPMessage lDAPMessage) {
        ASN1Element encode = lDAPMessage.encode();
        ByteBuffer wrap = ByteBuffer.wrap(encode.encode());
        this.transmitLock.lock();
        try {
            try {
                try {
                    int limit = wrap.limit() - wrap.position();
                    if (!connectionSecurityProvider.writeData(wrap)) {
                        this.transmitLock.unlock();
                        return;
                    }
                    TRACER.debugProtocolElement(DebugLogLevel.VERBOSE, lDAPMessage);
                    TRACER.debugProtocolElement(DebugLogLevel.VERBOSE, encode);
                    wrap.rewind();
                    if (DebugLogger.debugEnabled()) {
                        TRACER.debugData(DebugLogLevel.VERBOSE, wrap);
                    }
                    if (this.keepStats) {
                        this.statTracker.updateMessageWritten(lDAPMessage, limit);
                    }
                    this.transmitLock.unlock();
                } catch (Throwable th) {
                    this.transmitLock.unlock();
                    throw th;
                }
            } catch (Exception e) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e);
                }
                disconnect(DisconnectReason.SERVER_ERROR, true, -1, String.valueOf(e), StaticUtils.getBacktrace(e));
                this.transmitLock.unlock();
            }
        } catch (Exception e2) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e2);
            }
            disconnect(DisconnectReason.SERVER_ERROR, true, -1, String.valueOf(e2), StaticUtils.getBacktrace(e2));
            this.transmitLock.unlock();
        }
    }

    @Override // org.opends.server.api.ClientConnection
    public void disconnect(DisconnectReason disconnectReason, boolean z, String str, int i) {
        int i2;
        if (this.disconnectRequested) {
            return;
        }
        if (this.keepStats) {
            this.statTracker.updateDisconnect();
        }
        if (this.connectionID >= 0) {
            DirectoryServer.connectionClosed(this);
        }
        this.connectionValid = false;
        this.opsInProgressLock.lock();
        try {
            try {
                this.disconnectRequested = true;
                this.opsInProgressLock.unlock();
            } catch (Exception e) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e);
                }
                this.opsInProgressLock.unlock();
            }
            cancelAllOperations(new CancelRequest(true, str));
            finalizeConnectionInternal();
            if (z && this.ldapVersion != 2) {
                try {
                    switch (disconnectReason) {
                        case PROTOCOL_ERROR:
                            i2 = 2;
                            break;
                        case SERVER_SHUTDOWN:
                            i2 = 52;
                            break;
                        case SERVER_ERROR:
                            i2 = DirectoryServer.getServerErrorResultCode().getIntValue();
                            break;
                        case ADMIN_LIMIT_EXCEEDED:
                        case IDLE_TIME_LIMIT_EXCEEDED:
                        case MAX_REQUEST_SIZE_EXCEEDED:
                        case IO_TIMEOUT:
                            i2 = 11;
                            break;
                        case CONNECTION_REJECTED:
                            i2 = 19;
                            break;
                        default:
                            i2 = 80;
                            break;
                    }
                    try {
                        this.securityProvider.writeData(ByteBuffer.wrap(new LDAPMessage(0, new ExtendedResponseProtocolOp(i2, str == null ? MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_CLIENT_GENERIC_NOTICE_OF_DISCONNECTION) : str, null, null, LDAPConstants.OID_NOTICE_OF_DISCONNECTION, null), null).encode().encode()));
                    } catch (Exception e2) {
                    }
                } catch (Exception e3) {
                }
            }
            try {
                this.securityProvider.disconnect(z);
            } catch (Exception e4) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e4);
                }
            }
            try {
                this.clientChannel.close();
            } catch (Exception e5) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e5);
                }
            }
            if (i == -1) {
                AccessLogger.logDisconnect(this, disconnectReason, null);
            } else {
                AccessLogger.logDisconnect(this, disconnectReason, str);
            }
            try {
                DirectoryServer.getPluginConfigManager().invokePostDisconnectPlugins(this, disconnectReason, i, str);
            } catch (Exception e6) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e6);
                }
            }
        } catch (Throwable th) {
            this.opsInProgressLock.unlock();
            throw th;
        }
    }

    @Override // org.opends.server.api.ClientConnection
    public Collection<AbstractOperation> getOperationsInProgress() {
        return this.operationsInProgress.values();
    }

    @Override // org.opends.server.api.ClientConnection
    public AbstractOperation getOperationInProgress(int i) {
        return this.operationsInProgress.get(Integer.valueOf(i));
    }

    public void addOperationInProgress(AbstractOperation abstractOperation) throws DirectoryException {
        int messageID = abstractOperation.getMessageID();
        this.opsInProgressLock.lock();
        try {
            try {
                if (this.disconnectRequested) {
                    throw new DirectoryException(ResultCode.UNWILLING_TO_PERFORM, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_CLIENT_DISCONNECT_IN_PROGRESS), ProtocolMessages.MSGID_LDAP_CLIENT_DISCONNECT_IN_PROGRESS);
                }
                if (this.operationsInProgress.get(Integer.valueOf(messageID)) != null) {
                    throw new DirectoryException(ResultCode.PROTOCOL_ERROR, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_CLIENT_DUPLICATE_MESSAGE_ID, Integer.valueOf(messageID)), ProtocolMessages.MSGID_LDAP_CLIENT_DUPLICATE_MESSAGE_ID);
                }
                this.operationsInProgress.put(Integer.valueOf(messageID), abstractOperation);
                DirectoryServer.enqueueRequest(abstractOperation);
                this.opsInProgressLock.unlock();
            } catch (DirectoryException e) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e);
                }
                this.operationsInProgress.remove(Integer.valueOf(messageID));
                this.lastCompletionTime.set(TimeThread.getTime());
                throw e;
            } catch (Exception e2) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                }
                throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_CLIENT_CANNOT_ENQUEUE, StaticUtils.getExceptionMessage(e2)), ProtocolMessages.MSGID_LDAP_CLIENT_CANNOT_ENQUEUE, e2);
            }
        } catch (Throwable th) {
            this.opsInProgressLock.unlock();
            throw th;
        }
    }

    @Override // org.opends.server.api.ClientConnection
    public boolean removeOperationInProgress(int i) {
        if (this.operationsInProgress.remove(Integer.valueOf(i)) == null) {
            return false;
        }
        this.lastCompletionTime.set(TimeThread.getTime());
        return true;
    }

    @Override // org.opends.server.api.ClientConnection
    public CancelResult cancelOperation(int i, CancelRequest cancelRequest) {
        AbstractOperation abstractOperation = this.operationsInProgress.get(Integer.valueOf(i));
        if (abstractOperation != null) {
            CancelResult cancel = abstractOperation.cancel(cancelRequest);
            if (this.keepStats && cancel == CancelResult.CANCELED) {
                this.statTracker.updateAbandonedOperation();
            }
            return abstractOperation.cancel(cancelRequest);
        }
        Iterator<PersistentSearch> it = getPersistentSearches().iterator();
        while (it.hasNext()) {
            PersistentSearch next = it.next();
            if (next.getSearchOperation().getMessageID() == i) {
                CancelResult cancel2 = next.getSearchOperation().cancel(cancelRequest);
                if (this.keepStats && cancel2 == CancelResult.CANCELED) {
                    this.statTracker.updateAbandonedOperation();
                }
                return cancel2;
            }
        }
        return CancelResult.NO_SUCH_OPERATION;
    }

    @Override // org.opends.server.api.ClientConnection
    public void cancelAllOperations(CancelRequest cancelRequest) {
        this.opsInProgressLock.lock();
        try {
            try {
                Iterator<AbstractOperation> it = this.operationsInProgress.values().iterator();
                while (it.hasNext()) {
                    try {
                        CancelResult cancel = it.next().cancel(cancelRequest);
                        if (this.keepStats && cancel == CancelResult.CANCELED) {
                            this.statTracker.updateAbandonedOperation();
                        }
                    } catch (Exception e) {
                        if (DebugLogger.debugEnabled()) {
                            TRACER.debugCaught(DebugLogLevel.ERROR, e);
                        }
                    }
                }
                if (!this.operationsInProgress.isEmpty() || !getPersistentSearches().isEmpty()) {
                    this.lastCompletionTime.set(TimeThread.getTime());
                }
                this.operationsInProgress.clear();
                Iterator<PersistentSearch> it2 = getPersistentSearches().iterator();
                while (it2.hasNext()) {
                    DirectoryServer.deregisterPersistentSearch(it2.next());
                }
                this.opsInProgressLock.unlock();
            } catch (Exception e2) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                }
                this.opsInProgressLock.unlock();
            }
        } catch (Throwable th) {
            this.opsInProgressLock.unlock();
            throw th;
        }
    }

    @Override // org.opends.server.api.ClientConnection
    public void cancelAllOperationsExcept(CancelRequest cancelRequest, int i) {
        this.opsInProgressLock.lock();
        try {
            try {
                Iterator<Integer> it = this.operationsInProgress.keySet().iterator();
                while (it.hasNext()) {
                    int intValue = it.next().intValue();
                    if (intValue != i) {
                        AbstractOperation abstractOperation = this.operationsInProgress.get(Integer.valueOf(intValue));
                        if (abstractOperation != null) {
                            try {
                                CancelResult cancel = abstractOperation.cancel(cancelRequest);
                                if (this.keepStats && cancel == CancelResult.CANCELED) {
                                    this.statTracker.updateAbandonedOperation();
                                }
                            } catch (Exception e) {
                                if (DebugLogger.debugEnabled()) {
                                    TRACER.debugCaught(DebugLogLevel.ERROR, e);
                                }
                            }
                        }
                        this.operationsInProgress.remove(Integer.valueOf(intValue));
                        this.lastCompletionTime.set(TimeThread.getTime());
                    }
                }
                Iterator<PersistentSearch> it2 = getPersistentSearches().iterator();
                while (it2.hasNext()) {
                    DirectoryServer.deregisterPersistentSearch(it2.next());
                    this.lastCompletionTime.set(TimeThread.getTime());
                }
                this.opsInProgressLock.unlock();
            } catch (Exception e2) {
                if (DebugLogger.debugEnabled()) {
                    TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                }
                this.opsInProgressLock.unlock();
            }
        } catch (Throwable th) {
            this.opsInProgressLock.unlock();
            throw th;
        }
    }

    @Override // org.opends.server.api.ClientConnection
    public boolean processDataRead(ByteBuffer byteBuffer) {
        if (DebugLogger.debugEnabled()) {
            TRACER.debugData(DebugLogLevel.VERBOSE, byteBuffer);
        }
        int limit = byteBuffer.limit() - byteBuffer.position();
        if (this.keepStats) {
            this.statTracker.updateBytesRead(limit);
        }
        while (limit > 0) {
            switch (this.elementReadState) {
                case 0:
                    this.elementType = byteBuffer.get();
                    limit--;
                    this.elementReadState = 1;
                    break;
                case 1:
                    byte b = byteBuffer.get();
                    limit--;
                    this.elementLengthBytesNeeded = b & Byte.MAX_VALUE;
                    if (this.elementLengthBytesNeeded == b) {
                        this.elementLength = b;
                        if (this.elementLength == 0) {
                            disconnect(DisconnectReason.PROTOCOL_ERROR, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_ZERO_BYTE_VALUE, new Object[0]);
                            return false;
                        }
                        if (this.connectionHandler.getMaxRequestSize() > 0 && this.elementLength > this.connectionHandler.getMaxRequestSize()) {
                            disconnect(DisconnectReason.MAX_REQUEST_SIZE_EXCEEDED, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_MAX_REQUEST_SIZE_EXCEEDED, Integer.valueOf(this.elementLength), Integer.valueOf(this.connectionHandler.getMaxRequestSize()));
                            return false;
                        }
                        this.elementValue = new byte[this.elementLength];
                        this.elementValueBytesRead = 0;
                        this.elementValueBytesNeeded = this.elementLength;
                        this.elementReadState = 3;
                        break;
                    } else {
                        if (this.elementLengthBytesNeeded > 4) {
                            disconnect(DisconnectReason.PROTOCOL_ERROR, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_INVALID_MULTIBYTE_LENGTH, Integer.valueOf(this.elementLengthBytesNeeded));
                            return false;
                        }
                        this.elementLength = 0;
                        if (this.elementLengthBytesNeeded > limit) {
                            while (limit > 0) {
                                this.elementLength = (this.elementLength << 8) | (byteBuffer.get() & 255);
                                limit--;
                                this.elementLengthBytesNeeded--;
                            }
                            return true;
                        }
                        while (this.elementLengthBytesNeeded > 0) {
                            this.elementLength = (this.elementLength << 8) | (byteBuffer.get() & 255);
                            limit--;
                            this.elementLengthBytesNeeded--;
                        }
                        if (this.elementLength == 0) {
                            disconnect(DisconnectReason.PROTOCOL_ERROR, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_ZERO_BYTE_VALUE, new Object[0]);
                            return false;
                        }
                        if (this.connectionHandler.getMaxRequestSize() > 0 && this.elementLength > this.connectionHandler.getMaxRequestSize()) {
                            disconnect(DisconnectReason.MAX_REQUEST_SIZE_EXCEEDED, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_MAX_REQUEST_SIZE_EXCEEDED, Integer.valueOf(this.elementLength), Integer.valueOf(this.connectionHandler.getMaxRequestSize()));
                            return false;
                        }
                        this.elementValue = new byte[this.elementLength];
                        this.elementValueBytesRead = 0;
                        this.elementValueBytesNeeded = this.elementLength;
                        this.elementReadState = 3;
                        break;
                    }
                    break;
                case 2:
                    if (limit < this.elementLengthBytesNeeded) {
                        while (limit > 0) {
                            this.elementLength = (this.elementLength << 8) | (byteBuffer.get() & 255);
                            limit--;
                            this.elementLengthBytesNeeded--;
                        }
                        return true;
                    }
                    while (this.elementLengthBytesNeeded > 0) {
                        this.elementLength = (this.elementLength << 8) | (byteBuffer.get() & 255);
                        limit--;
                        this.elementLengthBytesNeeded--;
                    }
                    if (this.elementLength == 0) {
                        disconnect(DisconnectReason.PROTOCOL_ERROR, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_ZERO_BYTE_VALUE, new Object[0]);
                        return false;
                    }
                    if (this.connectionHandler.getMaxRequestSize() > 0 && this.elementLength > this.connectionHandler.getMaxRequestSize()) {
                        disconnect(DisconnectReason.MAX_REQUEST_SIZE_EXCEEDED, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_MAX_REQUEST_SIZE_EXCEEDED, Integer.valueOf(this.elementLength), Integer.valueOf(this.connectionHandler.getMaxRequestSize()));
                        return false;
                    }
                    this.elementValue = new byte[this.elementLength];
                    this.elementValueBytesRead = 0;
                    this.elementValueBytesNeeded = this.elementLength;
                    this.elementReadState = 3;
                    break;
                case 3:
                    if (limit < this.elementValueBytesNeeded) {
                        byteBuffer.get(this.elementValue, this.elementValueBytesRead, limit);
                        this.elementValueBytesRead += limit;
                        this.elementValueBytesNeeded -= limit;
                        return true;
                    }
                    byteBuffer.get(this.elementValue, this.elementValueBytesRead, this.elementValueBytesNeeded);
                    this.elementValueBytesRead += this.elementValueBytesNeeded;
                    limit -= this.elementValueBytesNeeded;
                    this.elementReadState = 0;
                    try {
                        ASN1Sequence decodeAsSequence = ASN1Sequence.decodeAsSequence(this.elementType, this.elementValue);
                        TRACER.debugProtocolElement(DebugLogLevel.VERBOSE, decodeAsSequence);
                        try {
                            LDAPMessage decode = LDAPMessage.decode(decodeAsSequence);
                            TRACER.debugProtocolElement(DebugLogLevel.VERBOSE, decode);
                            if (!processLDAPMessage(decode)) {
                                return false;
                            }
                            break;
                        } catch (Exception e) {
                            if (DebugLogger.debugEnabled()) {
                                TRACER.debugCaught(DebugLogLevel.ERROR, e);
                            }
                            disconnect(DisconnectReason.PROTOCOL_ERROR, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_LDAP_MESSAGE_FAILED, String.valueOf(e));
                            return false;
                        }
                    } catch (Exception e2) {
                        if (DebugLogger.debugEnabled()) {
                            TRACER.debugCaught(DebugLogLevel.ERROR, e2);
                        }
                        disconnect(DisconnectReason.PROTOCOL_ERROR, true, ProtocolMessages.MSGID_LDAP_CLIENT_DECODE_ASN1_FAILED, String.valueOf(e2));
                        return false;
                    }
                default:
                    String message = MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_CLIENT_INVALID_DECODE_STATE, Integer.valueOf(this.elementReadState));
                    ErrorLogger.logError(ErrorLogCategory.REQUEST_HANDLING, ErrorLogSeverity.SEVERE_ERROR, message, ProtocolMessages.MSGID_LDAP_CLIENT_INVALID_DECODE_STATE);
                    disconnect(DisconnectReason.SERVER_ERROR, true, message, ProtocolMessages.MSGID_LDAP_CLIENT_INVALID_DECODE_STATE);
                    return false;
            }
        }
        return true;
    }

    private boolean processLDAPMessage(LDAPMessage lDAPMessage) {
        ArrayList<Control> arrayList;
        if (this.keepStats) {
            this.statTracker.updateMessageRead(lDAPMessage);
        }
        ArrayList<LDAPControl> controls = lDAPMessage.getControls();
        if (controls == null || controls.isEmpty()) {
            arrayList = null;
        } else {
            arrayList = new ArrayList<>(controls.size());
            Iterator<LDAPControl> it = controls.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().getControl());
            }
        }
        try {
            switch (lDAPMessage.getProtocolOpType()) {
                case 66:
                    return processUnbindRequest(lDAPMessage, arrayList);
                case 74:
                    return processDeleteRequest(lDAPMessage, arrayList);
                case 80:
                    return processAbandonRequest(lDAPMessage, arrayList);
                case 96:
                    return processBindRequest(lDAPMessage, arrayList);
                case 99:
                    return processSearchRequest(lDAPMessage, arrayList);
                case 102:
                    return processModifyRequest(lDAPMessage, arrayList);
                case 104:
                    return processAddRequest(lDAPMessage, arrayList);
                case 108:
                    return processModifyDNRequest(lDAPMessage, arrayList);
                case 110:
                    return processCompareRequest(lDAPMessage, arrayList);
                case 119:
                    return processExtendedRequest(lDAPMessage, arrayList);
                default:
                    disconnect(DisconnectReason.PROTOCOL_ERROR, true, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_DISCONNECT_DUE_TO_INVALID_REQUEST_TYPE, lDAPMessage.getProtocolOpName(), Integer.valueOf(lDAPMessage.getMessageID())), ProtocolMessages.MSGID_LDAP_DISCONNECT_DUE_TO_INVALID_REQUEST_TYPE);
                    return false;
            }
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            disconnect(DisconnectReason.SERVER_ERROR, true, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_DISCONNECT_DUE_TO_PROCESSING_FAILURE, lDAPMessage.getProtocolOpName(), Integer.valueOf(lDAPMessage.getMessageID()), String.valueOf(e)), ProtocolMessages.MSGID_LDAP_DISCONNECT_DUE_TO_PROCESSING_FAILURE);
            return false;
        }
    }

    private boolean processAbandonRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        AbandonOperationBasis abandonOperationBasis = new AbandonOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, lDAPMessage.getAbandonRequestProtocolOp().getIDToAbandon());
        abandonOperationBasis.run();
        if (this.keepStats && abandonOperationBasis.getResultCode() == ResultCode.CANCELED) {
            this.statTracker.updateAbandonedOperation();
        }
        return this.connectionValid;
    }

    private boolean processAddRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        if (this.ldapVersion == 2 && arrayList != null && !arrayList.isEmpty()) {
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new AddResponseProtocolOp(2, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED))));
            disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED, new Object[0]);
            return false;
        }
        AddRequestProtocolOp addRequestProtocolOp = lDAPMessage.getAddRequestProtocolOp();
        AddOperationBasis addOperationBasis = new AddOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, addRequestProtocolOp.getDN(), addRequestProtocolOp.getAttributes());
        try {
            addOperationInProgress(addOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            AddResponseProtocolOp addResponseProtocolOp = new AddResponseProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            ArrayList<Control> responseControls = addOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), addResponseProtocolOp, arrayList2));
        }
        return this.connectionValid;
    }

    private boolean processBindRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        String valueOf;
        BindOperationBasis bindOperationBasis;
        BindRequestProtocolOp bindRequestProtocolOp = lDAPMessage.getBindRequestProtocolOp();
        int protocolVersion = bindRequestProtocolOp.getProtocolVersion();
        this.ldapVersion = protocolVersion;
        switch (protocolVersion) {
            case 2:
                valueOf = "2";
                if (!this.connectionHandler.allowLDAPv2()) {
                    sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new BindResponseProtocolOp(48, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CLIENTS_NOT_ALLOWED))));
                    disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CLIENTS_NOT_ALLOWED, new Object[0]);
                    return false;
                }
                if (arrayList != null && !arrayList.isEmpty()) {
                    sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new BindResponseProtocolOp(2, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED))));
                    disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED, new Object[0]);
                    return false;
                }
                break;
            case 3:
                valueOf = InternalClientConnection.PROTOCOL_VERSION;
                break;
            default:
                valueOf = String.valueOf(this.ldapVersion);
                break;
        }
        ASN1OctetString dn = bindRequestProtocolOp.getDN();
        switch (bindRequestProtocolOp.getAuthenticationType()) {
            case SIMPLE:
                bindOperationBasis = new BindOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, valueOf, dn, bindRequestProtocolOp.getSimplePassword());
                break;
            case SASL:
                bindOperationBasis = new BindOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, valueOf, dn, bindRequestProtocolOp.getSASLMechanism(), bindRequestProtocolOp.getSASLCredentials());
                break;
            default:
                disconnect(DisconnectReason.PROTOCOL_ERROR, true, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_INVALID_BIND_AUTH_TYPE, Integer.valueOf(lDAPMessage.getMessageID()), String.valueOf(bindRequestProtocolOp.getAuthenticationType())), ProtocolMessages.MSGID_LDAP_INVALID_BIND_AUTH_TYPE);
                return false;
        }
        try {
            addOperationInProgress(bindOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            BindResponseProtocolOp bindResponseProtocolOp = new BindResponseProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            List<Control> responseControls = bindOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), bindResponseProtocolOp, arrayList2));
            if (e.getResultCode() == ResultCode.PROTOCOL_ERROR) {
                disconnect(DisconnectReason.PROTOCOL_ERROR, true, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_DISCONNECT_DUE_TO_BIND_PROTOCOL_ERROR, Integer.valueOf(lDAPMessage.getMessageID()), e.getErrorMessage()), ProtocolMessages.MSGID_LDAP_DISCONNECT_DUE_TO_BIND_PROTOCOL_ERROR);
            }
        }
        return this.connectionValid;
    }

    private boolean processCompareRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        if (this.ldapVersion == 2 && arrayList != null && !arrayList.isEmpty()) {
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new CompareResponseProtocolOp(2, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED))));
            disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED, new Object[0]);
            return false;
        }
        CompareRequestProtocolOp compareRequestProtocolOp = lDAPMessage.getCompareRequestProtocolOp();
        CompareOperationBasis compareOperationBasis = new CompareOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, compareRequestProtocolOp.getDN(), compareRequestProtocolOp.getAttributeType(), compareRequestProtocolOp.getAssertionValue());
        try {
            addOperationInProgress(compareOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            CompareResponseProtocolOp compareResponseProtocolOp = new CompareResponseProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            List<Control> responseControls = compareOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), compareResponseProtocolOp, arrayList2));
        }
        return this.connectionValid;
    }

    private boolean processDeleteRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        if (this.ldapVersion == 2 && arrayList != null && !arrayList.isEmpty()) {
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new DeleteResponseProtocolOp(2, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED))));
            disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED, new Object[0]);
            return false;
        }
        DeleteOperationBasis deleteOperationBasis = new DeleteOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, lDAPMessage.getDeleteRequestProtocolOp().getDN());
        try {
            addOperationInProgress(deleteOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            DeleteResponseProtocolOp deleteResponseProtocolOp = new DeleteResponseProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            List<Control> responseControls = deleteOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), deleteResponseProtocolOp, arrayList2));
        }
        return this.connectionValid;
    }

    private boolean processExtendedRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        if (this.ldapVersion == 2) {
            String message = MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_EXTENDED_REQUEST_NOT_ALLOWED, Long.valueOf(getConnectionID()), Integer.valueOf(lDAPMessage.getMessageID()));
            ErrorLogger.logError(ErrorLogCategory.REQUEST_HANDLING, ErrorLogSeverity.MILD_ERROR, message, ProtocolMessages.MSGID_LDAPV2_EXTENDED_REQUEST_NOT_ALLOWED);
            disconnect(DisconnectReason.PROTOCOL_ERROR, false, message, ProtocolMessages.MSGID_LDAPV2_EXTENDED_REQUEST_NOT_ALLOWED);
            return false;
        }
        ExtendedRequestProtocolOp extendedRequestProtocolOp = lDAPMessage.getExtendedRequestProtocolOp();
        ExtendedOperationBasis extendedOperationBasis = new ExtendedOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, extendedRequestProtocolOp.getOID(), extendedRequestProtocolOp.getValue());
        try {
            addOperationInProgress(extendedOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            ExtendedResponseProtocolOp extendedResponseProtocolOp = new ExtendedResponseProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            List<Control> responseControls = extendedOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), extendedResponseProtocolOp, arrayList2));
        }
        return this.connectionValid;
    }

    private boolean processModifyRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        if (this.ldapVersion == 2 && arrayList != null && !arrayList.isEmpty()) {
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new ModifyResponseProtocolOp(2, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED))));
            disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED, new Object[0]);
            return false;
        }
        ModifyRequestProtocolOp modifyRequestProtocolOp = lDAPMessage.getModifyRequestProtocolOp();
        ModifyOperationBasis modifyOperationBasis = new ModifyOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, modifyRequestProtocolOp.getDN(), modifyRequestProtocolOp.getModifications());
        try {
            addOperationInProgress(modifyOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            ModifyResponseProtocolOp modifyResponseProtocolOp = new ModifyResponseProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            List<Control> responseControls = modifyOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), modifyResponseProtocolOp, arrayList2));
        }
        return this.connectionValid;
    }

    private boolean processModifyDNRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        if (this.ldapVersion == 2 && arrayList != null && !arrayList.isEmpty()) {
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new ModifyDNResponseProtocolOp(2, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED))));
            disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED, new Object[0]);
            return false;
        }
        ModifyDNRequestProtocolOp modifyDNRequestProtocolOp = lDAPMessage.getModifyDNRequestProtocolOp();
        ModifyDNOperationBasis modifyDNOperationBasis = new ModifyDNOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, modifyDNRequestProtocolOp.getEntryDN(), modifyDNRequestProtocolOp.getNewRDN(), modifyDNRequestProtocolOp.deleteOldRDN(), modifyDNRequestProtocolOp.getNewSuperior());
        try {
            addOperationInProgress(modifyDNOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            ModifyDNResponseProtocolOp modifyDNResponseProtocolOp = new ModifyDNResponseProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            List<Control> responseControls = modifyDNOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), modifyDNResponseProtocolOp, arrayList2));
        }
        return this.connectionValid;
    }

    private boolean processSearchRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        if (this.ldapVersion == 2 && arrayList != null && !arrayList.isEmpty()) {
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), new SearchResultDoneProtocolOp(2, MessageHandler.getMessage(ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED))));
            disconnect(DisconnectReason.PROTOCOL_ERROR, false, ProtocolMessages.MSGID_LDAPV2_CONTROLS_NOT_ALLOWED, new Object[0]);
            return false;
        }
        SearchRequestProtocolOp searchRequestProtocolOp = lDAPMessage.getSearchRequestProtocolOp();
        SearchOperationBasis searchOperationBasis = new SearchOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList, searchRequestProtocolOp.getBaseDN(), searchRequestProtocolOp.getScope(), searchRequestProtocolOp.getDereferencePolicy(), searchRequestProtocolOp.getSizeLimit(), searchRequestProtocolOp.getTimeLimit(), searchRequestProtocolOp.getTypesOnly(), searchRequestProtocolOp.getFilter(), searchRequestProtocolOp.getAttributes());
        try {
            addOperationInProgress(searchOperationBasis);
        } catch (DirectoryException e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            SearchResultDoneProtocolOp searchResultDoneProtocolOp = new SearchResultDoneProtocolOp(e.getResultCode().getIntValue(), e.getErrorMessage(), e.getMatchedDN(), e.getReferralURLs());
            List<Control> responseControls = searchOperationBasis.getResponseControls();
            ArrayList arrayList2 = new ArrayList(responseControls.size());
            Iterator<Control> it = responseControls.iterator();
            while (it.hasNext()) {
                arrayList2.add(new LDAPControl(it.next()));
            }
            sendLDAPMessage(this.securityProvider, new LDAPMessage(lDAPMessage.getMessageID(), searchResultDoneProtocolOp, arrayList2));
        }
        return this.connectionValid;
    }

    private boolean processUnbindRequest(LDAPMessage lDAPMessage, ArrayList<Control> arrayList) {
        new UnbindOperationBasis(this, this.nextOperationID.getAndIncrement(), lDAPMessage.getMessageID(), arrayList).run();
        return false;
    }

    @Override // org.opends.server.api.ClientConnection
    public String getMonitorSummary() {
        StringBuilder sb = new StringBuilder();
        sb.append("connID=\"");
        sb.append(this.connectionID);
        sb.append("\" connectTime=\"");
        sb.append(getConnectTimeString());
        sb.append("\" source=\"");
        sb.append(this.clientAddress);
        sb.append(":");
        sb.append(this.clientPort);
        sb.append("\" destination=\"");
        sb.append(this.serverAddress);
        sb.append(":");
        sb.append(this.connectionHandler.getListenPort());
        sb.append("\" ldapVersion=\"");
        sb.append(this.ldapVersion);
        sb.append("\" authDN=\"");
        DN authenticationDN = getAuthenticationInfo().getAuthenticationDN();
        if (authenticationDN != null) {
            authenticationDN.toString(sb);
        }
        sb.append("\" security=\"");
        if (this.securityProvider.isSecure()) {
            sb.append(this.securityProvider.getSecurityMechanismName());
        } else {
            sb.append(ProfilerPlugin.PROFILE_ACTION_NONE);
        }
        sb.append("\" opsInProgress=\"");
        sb.append(this.operationsInProgress.size());
        sb.append("\"");
        return sb.toString();
    }

    @Override // org.opends.server.api.ClientConnection
    public void toString(StringBuilder sb) {
        sb.append("LDAP client connection from ");
        sb.append(this.clientAddress);
        sb.append(":");
        sb.append(this.clientPort);
        sb.append(" to ");
        sb.append(this.serverAddress);
        sb.append(":");
        sb.append(this.serverPort);
    }

    @Override // org.opends.server.extensions.TLSCapableConnection
    public boolean tlsProtectionAvailable(StringBuilder sb) {
        if (!(this.securityProvider instanceof NullConnectionSecurityProvider)) {
            sb.append(MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_TLS_EXISTING_SECURITY_PROVIDER, this.securityProvider.getSecurityMechanismName()));
            return false;
        }
        if (!this.connectionHandler.allowStartTLS()) {
            sb.append(MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_TLS_STARTTLS_NOT_ALLOWED));
            return false;
        }
        if (this.tlsSecurityProvider != null) {
            return true;
        }
        try {
            TLSConnectionSecurityProvider tLSConnectionSecurityProvider = new TLSConnectionSecurityProvider();
            tLSConnectionSecurityProvider.initializeConnectionSecurityProvider(null);
            tLSConnectionSecurityProvider.setSSLClientAuthPolicy(this.connectionHandler.getSSLClientAuthPolicy());
            tLSConnectionSecurityProvider.setEnabledProtocols(this.connectionHandler.getEnabledSSLProtocols());
            tLSConnectionSecurityProvider.setEnabledCipherSuites(this.connectionHandler.getEnabledSSLCipherSuites());
            this.tlsSecurityProvider = (TLSConnectionSecurityProvider) tLSConnectionSecurityProvider.newInstance(this, this.clientChannel);
            return true;
        } catch (Exception e) {
            if (DebugLogger.debugEnabled()) {
                TRACER.debugCaught(DebugLogLevel.ERROR, e);
            }
            this.tlsSecurityProvider = null;
            sb.append(MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_TLS_CANNOT_CREATE_TLS_PROVIDER, StaticUtils.stackTraceToSingleLineString(e)));
            return false;
        }
    }

    @Override // org.opends.server.extensions.TLSCapableConnection
    public void enableTLSConnectionSecurityProvider() throws DirectoryException {
        if (this.tlsSecurityProvider == null) {
            String message = MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_TLS_NO_PROVIDER);
            disconnect(DisconnectReason.OTHER, false, message, ProtocolMessages.MSGID_LDAP_TLS_NO_PROVIDER);
            throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message, ProtocolMessages.MSGID_LDAP_TLS_NO_PROVIDER);
        }
        this.clearSecurityProvider = this.securityProvider;
        setConnectionSecurityProvider(this.tlsSecurityProvider);
    }

    @Override // org.opends.server.extensions.TLSCapableConnection
    public void disableTLSConnectionSecurityProvider() throws DirectoryException {
        String message = MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_TLS_CLOSURE_NOT_ALLOWED);
        disconnect(DisconnectReason.OTHER, false, message, ProtocolMessages.MSGID_LDAP_TLS_CLOSURE_NOT_ALLOWED);
        throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), message, ProtocolMessages.MSGID_LDAP_TLS_CLOSURE_NOT_ALLOWED);
    }

    @Override // org.opends.server.extensions.TLSCapableConnection
    public void sendClearResponse(Operation operation) throws DirectoryException {
        if (this.clearSecurityProvider == null) {
            throw new DirectoryException(DirectoryServer.getServerErrorResultCode(), MessageHandler.getMessage(ProtocolMessages.MSGID_LDAP_NO_CLEAR_SECURITY_PROVIDER, toString()), ProtocolMessages.MSGID_LDAP_NO_CLEAR_SECURITY_PROVIDER);
        }
        sendLDAPMessage(this.clearSecurityProvider, operationToResponseLDAPMessage(operation));
    }

    @Override // org.opends.server.api.ClientConnection
    public DN getKeyManagerProviderDN() {
        return this.connectionHandler.getKeyManagerProviderDN();
    }

    @Override // org.opends.server.api.ClientConnection
    public DN getTrustManagerProviderDN() {
        return this.connectionHandler.getTrustManagerProviderDN();
    }

    @Override // org.opends.server.api.ClientConnection
    public String getCertificateAlias() {
        return this.connectionHandler.getSSLServerCertNickname();
    }

    @Override // org.opends.server.api.ClientConnection
    public long getIdleTime() {
        if (this.operationsInProgress.isEmpty() && getPersistentSearches().isEmpty()) {
            return TimeThread.getTime() - this.lastCompletionTime.get();
        }
        return 0L;
    }
}
