![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 /**
2 * collectd - src/openldap.c
3 * Copyright (C) 2011 Kimo Rosenbaum
4 * Copyright (C) 2014-2015 Marc Fournier
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a
7 * copy of this software and associated documentation files (the "Software"),
8 * to deal in the Software without restriction, including without limitation
9 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
10 * and/or sell copies of the Software, and to permit persons to whom the
11 * Software is furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
22 * DEALINGS IN THE SOFTWARE.
23 *
24 * Authors:
25 * Kimo Rosenbaum <kimor79 at yahoo.com>
26 * Marc Fournier <marc.fournier at camptocamp.com>
27 **/
29 #include "collectd.h"
30 #include "common.h"
31 #include "plugin.h"
32 #include "configfile.h"
34 #if defined(__APPLE__)
35 #pragma clang diagnostic push
36 #pragma clang diagnostic warning "-Wdeprecated-declarations"
37 #endif
39 #include <lber.h>
40 #include <ldap.h>
42 struct cldap_s /* {{{ */
43 {
44 char *name;
46 char *binddn;
47 char *password;
48 char *cacert;
49 char *host;
50 int state;
51 _Bool starttls;
52 int timeout;
53 char *url;
54 _Bool verifyhost;
55 int version;
57 LDAP *ld;
58 };
59 typedef struct cldap_s cldap_t; /* }}} */
61 static cldap_t **databases = NULL;
62 static size_t databases_num = 0;
64 static void cldap_free (cldap_t *st) /* {{{ */
65 {
66 if (st == NULL)
67 return;
69 sfree (st->binddn);
70 sfree (st->password);
71 sfree (st->cacert);
72 sfree (st->host);
73 sfree (st->name);
74 sfree (st->url);
75 if (st->ld)
76 ldap_memfree (st->ld);
77 sfree (st);
78 } /* }}} void cldap_free */
80 /* initialize ldap for each host */
81 static int cldap_init_host (cldap_t *st) /* {{{ */
82 {
83 LDAP *ld;
84 int rc;
86 if (st->state && st->ld)
87 {
88 DEBUG ("openldap plugin: Already connected to %s", st->url);
89 return (0);
90 }
92 rc = ldap_initialize (&ld, st->url);
93 if (rc != LDAP_SUCCESS)
94 {
95 ERROR ("openldap plugin: ldap_initialize failed: %s",
96 ldap_err2string (rc));
97 st->state = 0;
98 ldap_unbind_ext_s (ld, NULL, NULL);
99 return (-1);
100 }
102 st->ld = ld;
104 ldap_set_option (st->ld, LDAP_OPT_PROTOCOL_VERSION, &st->version);
106 ldap_set_option (st->ld, LDAP_OPT_TIMEOUT,
107 &(const struct timeval){st->timeout, 0});
109 ldap_set_option (st->ld, LDAP_OPT_RESTART, LDAP_OPT_ON);
111 if (st->cacert != NULL)
112 ldap_set_option (st->ld, LDAP_OPT_X_TLS_CACERTFILE, st->cacert);
114 if (st->verifyhost == 0)
115 {
116 int never = LDAP_OPT_X_TLS_NEVER;
117 ldap_set_option (st->ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &never);
118 }
120 if (st->starttls != 0)
121 {
122 rc = ldap_start_tls_s (ld, NULL, NULL);
123 if (rc != LDAP_SUCCESS)
124 {
125 ERROR ("openldap plugin: Failed to start tls on %s: %s",
126 st->url, ldap_err2string (rc));
127 st->state = 0;
128 ldap_unbind_ext_s (st->ld, NULL, NULL);
129 return (-1);
130 }
131 }
133 struct berval cred;
134 if (st->password != NULL)
135 {
136 cred.bv_val = st->password;
137 cred.bv_len = strlen (st->password);
138 }
139 else
140 {
141 cred.bv_val = "";
142 cred.bv_len = 0;
143 }
145 rc = ldap_sasl_bind_s (st->ld, st->binddn, LDAP_SASL_SIMPLE, &cred,
146 NULL, NULL, NULL);
147 if (rc != LDAP_SUCCESS)
148 {
149 ERROR ("openldap plugin: Failed to bind to %s: %s",
150 st->url, ldap_err2string (rc));
151 st->state = 0;
152 ldap_unbind_ext_s (st->ld, NULL, NULL);
153 return (-1);
154 }
155 else
156 {
157 DEBUG ("openldap plugin: Successfully connected to %s",
158 st->url);
159 st->state = 1;
160 return (0);
161 }
162 } /* }}} static cldap_init_host */
164 static void cldap_submit_value (const char *type, const char *type_instance, /* {{{ */
165 value_t value, cldap_t *st)
166 {
167 value_list_t vl = VALUE_LIST_INIT;
169 vl.values = &value;
170 vl.values_len = 1;
172 if ((st->host == NULL)
173 || (strcmp ("", st->host) == 0)
174 || (strcmp ("localhost", st->host) == 0))
175 sstrncpy (vl.host, hostname_g, sizeof (vl.host));
176 else
177 sstrncpy (vl.host, st->host, sizeof (vl.host));
179 sstrncpy (vl.plugin, "openldap", sizeof (vl.plugin));
180 if (st->name != NULL)
181 sstrncpy (vl.plugin_instance, st->name,
182 sizeof (vl.plugin_instance));
184 sstrncpy (vl.type, type, sizeof (vl.type));
185 if (type_instance != NULL)
186 sstrncpy (vl.type_instance, type_instance,
187 sizeof (vl.type_instance));
189 plugin_dispatch_values (&vl);
190 } /* }}} void cldap_submit_value */
192 static void cldap_submit_derive (const char *type, const char *type_instance, /* {{{ */
193 derive_t d, cldap_t *st)
194 {
195 value_t v;
196 v.derive = d;
197 cldap_submit_value (type, type_instance, v, st);
198 } /* }}} void cldap_submit_derive */
200 static void cldap_submit_gauge (const char *type, const char *type_instance, /* {{{ */
201 gauge_t g, cldap_t *st)
202 {
203 value_t v;
204 v.gauge = g;
205 cldap_submit_value (type, type_instance, v, st);
206 } /* }}} void cldap_submit_gauge */
208 static int cldap_read_host (user_data_t *ud) /* {{{ */
209 {
210 cldap_t *st;
211 LDAPMessage *e, *result;
212 char *dn;
213 int rc;
214 int status;
216 char *attrs[9] = { "monitorCounter",
217 "monitorOpCompleted",
218 "monitorOpInitiated",
219 "monitoredInfo",
220 "olmBDBEntryCache",
221 "olmBDBDNCache",
222 "olmBDBIDLCache",
223 "namingContexts",
224 NULL };
226 if ((ud == NULL) || (ud->data == NULL))
227 {
228 ERROR ("openldap plugin: cldap_read_host: Invalid user data.");
229 return (-1);
230 }
232 st = (cldap_t *) ud->data;
234 status = cldap_init_host (st);
235 if (status != 0)
236 return (-1);
238 rc = ldap_search_ext_s (st->ld, "cn=Monitor", LDAP_SCOPE_SUBTREE,
239 "(|(!(cn=* *))(cn=Database*))", attrs, 0,
240 NULL, NULL, NULL, 0, &result);
242 if (rc != LDAP_SUCCESS)
243 {
244 ERROR ("openldap plugin: Failed to execute search: %s",
245 ldap_err2string (rc));
246 ldap_msgfree (result);
247 st->state = 0;
248 ldap_unbind_ext_s (st->ld, NULL, NULL);
249 return (-1);
250 }
252 for (e = ldap_first_entry (st->ld, result); e != NULL;
253 e = ldap_next_entry (st->ld, e))
254 {
255 if ((dn = ldap_get_dn (st->ld, e)) != NULL)
256 {
257 unsigned long long counter = 0;
258 unsigned long long opc = 0;
259 unsigned long long opi = 0;
260 unsigned long long info = 0;
262 struct berval counter_data;
263 struct berval opc_data;
264 struct berval opi_data;
265 struct berval info_data;
266 struct berval olmbdb_data;
267 struct berval nc_data;
269 struct berval **counter_list;
270 struct berval **opc_list;
271 struct berval **opi_list;
272 struct berval **info_list;
273 struct berval **olmbdb_list;
274 struct berval **nc_list;
276 if ((counter_list = ldap_get_values_len (st->ld, e,
277 "monitorCounter")) != NULL)
278 {
279 counter_data = *counter_list[0];
280 counter = atoll (counter_data.bv_val);
281 }
283 if ((opc_list = ldap_get_values_len (st->ld, e,
284 "monitorOpCompleted")) != NULL)
285 {
286 opc_data = *opc_list[0];
287 opc = atoll (opc_data.bv_val);
288 }
290 if ((opi_list = ldap_get_values_len (st->ld, e,
291 "monitorOpInitiated")) != NULL)
292 {
293 opi_data = *opi_list[0];
294 opi = atoll (opi_data.bv_val);
295 }
297 if ((info_list = ldap_get_values_len (st->ld, e,
298 "monitoredInfo")) != NULL)
299 {
300 info_data = *info_list[0];
301 info = atoll (info_data.bv_val);
302 }
304 if (strcmp (dn, "cn=Total,cn=Connections,cn=Monitor")
305 == 0)
306 {
307 cldap_submit_derive ("total_connections", NULL,
308 counter, st);
309 }
310 else if (strcmp (dn,
311 "cn=Current,cn=Connections,cn=Monitor")
312 == 0)
313 {
314 cldap_submit_gauge ("current_connections", NULL,
315 counter, st);
316 }
317 else if (strcmp (dn,
318 "cn=Operations,cn=Monitor") == 0)
319 {
320 cldap_submit_derive ("operations",
321 "completed", opc, st);
322 cldap_submit_derive ("operations",
323 "initiated", opi, st);
324 }
325 else if (strcmp (dn,
326 "cn=Bind,cn=Operations,cn=Monitor")
327 == 0)
328 {
329 cldap_submit_derive ("operations",
330 "bind-completed", opc, st);
331 cldap_submit_derive ("operations",
332 "bind-initiated", opi, st);
333 }
334 else if (strcmp (dn,
335 "cn=UnBind,cn=Operations,cn=Monitor")
336 == 0)
337 {
338 cldap_submit_derive ("operations",
339 "unbind-completed", opc, st);
340 cldap_submit_derive ("operations",
341 "unbind-initiated", opi, st);
342 }
343 else if (strcmp (dn,
344 "cn=Search,cn=Operations,cn=Monitor")
345 == 0)
346 {
347 cldap_submit_derive ("operations",
348 "search-completed", opc, st);
349 cldap_submit_derive ("operations",
350 "search-initiated", opi, st);
351 }
352 else if (strcmp (dn,
353 "cn=Compare,cn=Operations,cn=Monitor")
354 == 0)
355 {
356 cldap_submit_derive ("operations",
357 "compare-completed", opc, st);
358 cldap_submit_derive ("operations",
359 "compare-initiated", opi, st);
360 }
361 else if (strcmp (dn,
362 "cn=Modify,cn=Operations,cn=Monitor")
363 == 0)
364 {
365 cldap_submit_derive ("operations",
366 "modify-completed", opc, st);
367 cldap_submit_derive ("operations",
368 "modify-initiated", opi, st);
369 }
370 else if (strcmp (dn,
371 "cn=Modrdn,cn=Operations,cn=Monitor")
372 == 0)
373 {
374 cldap_submit_derive ("operations",
375 "modrdn-completed", opc, st);
376 cldap_submit_derive ("operations",
377 "modrdn-initiated", opi, st);
378 }
379 else if (strcmp (dn,
380 "cn=Add,cn=Operations,cn=Monitor")
381 == 0)
382 {
383 cldap_submit_derive ("operations",
384 "add-completed", opc, st);
385 cldap_submit_derive ("operations",
386 "add-initiated", opi, st);
387 }
388 else if (strcmp (dn,
389 "cn=Delete,cn=Operations,cn=Monitor")
390 == 0)
391 {
392 cldap_submit_derive ("operations",
393 "delete-completed", opc, st);
394 cldap_submit_derive ("operations",
395 "delete-initiated", opi, st);
396 }
397 else if (strcmp (dn,
398 "cn=Abandon,cn=Operations,cn=Monitor")
399 == 0)
400 {
401 cldap_submit_derive ("operations",
402 "abandon-completed", opc, st);
403 cldap_submit_derive ("operations",
404 "abandon-initiated", opi, st);
405 }
406 else if (strcmp (dn,
407 "cn=Extended,cn=Operations,cn=Monitor")
408 == 0)
409 {
410 cldap_submit_derive ("operations",
411 "extended-completed", opc, st);
412 cldap_submit_derive ("operations",
413 "extended-initiated", opi, st);
414 }
415 else if ((strncmp (dn, "cn=Database", 11) == 0)
416 && ((nc_list = ldap_get_values_len
417 (st->ld, e, "namingContexts")) != NULL))
418 {
419 nc_data = *nc_list[0];
420 char typeinst[DATA_MAX_NAME_LEN];
422 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
423 "olmBDBEntryCache")) != NULL)
424 {
425 olmbdb_data = *olmbdb_list[0];
426 ssnprintf (typeinst, sizeof (typeinst),
427 "bdbentrycache-%s", nc_data.bv_val);
428 cldap_submit_gauge ("cache_size", typeinst,
429 atoll (olmbdb_data.bv_val), st);
430 ldap_value_free_len (olmbdb_list);
431 }
433 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
434 "olmBDBDNCache")) != NULL)
435 {
436 olmbdb_data = *olmbdb_list[0];
437 ssnprintf (typeinst, sizeof (typeinst),
438 "bdbdncache-%s", nc_data.bv_val);
439 cldap_submit_gauge ("cache_size", typeinst,
440 atoll (olmbdb_data.bv_val), st);
441 ldap_value_free_len (olmbdb_list);
442 }
444 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
445 "olmBDBIDLCache")) != NULL)
446 {
447 olmbdb_data = *olmbdb_list[0];
448 ssnprintf (typeinst, sizeof (typeinst),
449 "bdbidlcache-%s", nc_data.bv_val);
450 cldap_submit_gauge ("cache_size", typeinst,
451 atoll (olmbdb_data.bv_val), st);
452 ldap_value_free_len (olmbdb_list);
453 }
455 ldap_value_free_len (nc_list);
456 }
457 else if (strcmp (dn,
458 "cn=Bytes,cn=Statistics,cn=Monitor")
459 == 0)
460 {
461 cldap_submit_derive ("derive", "statistics-bytes",
462 counter, st);
463 }
464 else if (strcmp (dn,
465 "cn=PDU,cn=Statistics,cn=Monitor")
466 == 0)
467 {
468 cldap_submit_derive ("derive", "statistics-pdu",
469 counter, st);
470 }
471 else if (strcmp (dn,
472 "cn=Entries,cn=Statistics,cn=Monitor")
473 == 0)
474 {
475 cldap_submit_derive ("derive", "statistics-entries",
476 counter, st);
477 }
478 else if (strcmp (dn,
479 "cn=Referrals,cn=Statistics,cn=Monitor")
480 == 0)
481 {
482 cldap_submit_derive ("derive", "statistics-referrals",
483 counter, st);
484 }
485 else if (strcmp (dn,
486 "cn=Open,cn=Threads,cn=Monitor")
487 == 0)
488 {
489 cldap_submit_gauge ("threads", "threads-open",
490 info, st);
491 }
492 else if (strcmp (dn,
493 "cn=Starting,cn=Threads,cn=Monitor")
494 == 0)
495 {
496 cldap_submit_gauge ("threads", "threads-starting",
497 info, st);
498 }
499 else if (strcmp (dn,
500 "cn=Active,cn=Threads,cn=Monitor")
501 == 0)
502 {
503 cldap_submit_gauge ("threads", "threads-active",
504 info, st);
505 }
506 else if (strcmp (dn,
507 "cn=Pending,cn=Threads,cn=Monitor")
508 == 0)
509 {
510 cldap_submit_gauge ("threads", "threads-pending",
511 info, st);
512 }
513 else if (strcmp (dn,
514 "cn=Backload,cn=Threads,cn=Monitor")
515 == 0)
516 {
517 cldap_submit_gauge ("threads", "threads-backload",
518 info, st);
519 }
520 else if (strcmp (dn,
521 "cn=Read,cn=Waiters,cn=Monitor")
522 == 0)
523 {
524 cldap_submit_derive ("derive", "waiters-read",
525 counter, st);
526 }
527 else if (strcmp (dn,
528 "cn=Write,cn=Waiters,cn=Monitor")
529 == 0)
530 {
531 cldap_submit_derive ("derive", "waiters-write",
532 counter, st);
533 }
535 ldap_value_free_len (counter_list);
536 ldap_value_free_len (opc_list);
537 ldap_value_free_len (opi_list);
538 ldap_value_free_len (info_list);
539 }
541 ldap_memfree (dn);
542 }
544 ldap_msgfree (result);
545 return (0);
546 } /* }}} int cldap_read_host */
548 /* Configuration handling functions {{{
549 *
550 * <Plugin ldap>
551 * <Instance "plugin_instance1">
552 * URL "ldap://localhost"
553 * ...
554 * </Instance>
555 * </Plugin>
556 */
558 static int cldap_config_add (oconfig_item_t *ci) /* {{{ */
559 {
560 cldap_t *st;
561 int i;
562 int status;
564 st = calloc (1, sizeof (*st));
565 if (st == NULL)
566 {
567 ERROR ("openldap plugin: calloc failed.");
568 return (-1);
569 }
571 status = cf_util_get_string (ci, &st->name);
572 if (status != 0)
573 {
574 sfree (st);
575 return (status);
576 }
578 st->starttls = 0;
579 st->timeout = (long) (CDTIME_T_TO_MS(plugin_get_interval()) / 1000);
580 st->verifyhost = 1;
581 st->version = LDAP_VERSION3;
583 for (i = 0; i < ci->children_num; i++)
584 {
585 oconfig_item_t *child = ci->children + i;
587 if (strcasecmp ("BindDN", child->key) == 0)
588 status = cf_util_get_string (child, &st->binddn);
589 else if (strcasecmp ("Password", child->key) == 0)
590 status = cf_util_get_string (child, &st->password);
591 else if (strcasecmp ("CACert", child->key) == 0)
592 status = cf_util_get_string (child, &st->cacert);
593 else if (strcasecmp ("StartTLS", child->key) == 0)
594 status = cf_util_get_boolean (child, &st->starttls);
595 else if (strcasecmp ("Timeout", child->key) == 0)
596 status = cf_util_get_int (child, &st->timeout);
597 else if (strcasecmp ("URL", child->key) == 0)
598 status = cf_util_get_string (child, &st->url);
599 else if (strcasecmp ("VerifyHost", child->key) == 0)
600 status = cf_util_get_boolean (child, &st->verifyhost);
601 else if (strcasecmp ("Version", child->key) == 0)
602 status = cf_util_get_int (child, &st->version);
603 else
604 {
605 WARNING ("openldap plugin: Option `%s' not allowed here.",
606 child->key);
607 status = -1;
608 }
610 if (status != 0)
611 break;
612 }
614 /* Check if struct is complete.. */
615 if ((status == 0) && (st->url == NULL))
616 {
617 ERROR ("openldap plugin: Instance `%s': "
618 "No URL has been configured.",
619 st->name);
620 status = -1;
621 }
623 /* Check if URL is valid */
624 if ((status == 0) && (st->url != NULL))
625 {
626 LDAPURLDesc *ludpp;
627 int rc;
629 if ((rc = ldap_url_parse (st->url, &ludpp)) != 0)
630 {
631 ERROR ("openldap plugin: Instance `%s': "
632 "Invalid URL: `%s'",
633 st->name, st->url);
634 status = -1;
635 }
637 if ((status == 0) && (ludpp->lud_host != NULL))
638 st->host = strdup (ludpp->lud_host);
640 ldap_free_urldesc (ludpp);
641 }
643 if (status == 0)
644 {
645 cldap_t **temp;
647 temp = (cldap_t **) realloc (databases,
648 sizeof (*databases) * (databases_num + 1));
650 if (temp == NULL)
651 {
652 ERROR ("openldap plugin: realloc failed");
653 status = -1;
654 }
655 else
656 {
657 user_data_t ud;
658 char callback_name[3*DATA_MAX_NAME_LEN];
660 databases = temp;
661 databases[databases_num] = st;
662 databases_num++;
664 memset (&ud, 0, sizeof (ud));
665 ud.data = st;
667 memset (callback_name, 0, sizeof (callback_name));
668 ssnprintf (callback_name, sizeof (callback_name),
669 "openldap/%s/%s",
670 (st->host != NULL) ? st->host : hostname_g,
671 (st->name != NULL) ? st->name : "default"),
673 status = plugin_register_complex_read (/* group = */ NULL,
674 /* name = */ callback_name,
675 /* callback = */ cldap_read_host,
676 /* interval = */ 0,
677 /* user_data = */ &ud);
678 }
679 }
681 if (status != 0)
682 {
683 cldap_free (st);
684 return (-1);
685 }
687 return (0);
688 } /* }}} int cldap_config_add */
690 static int cldap_config (oconfig_item_t *ci) /* {{{ */
691 {
692 int i;
693 int status = 0;
695 for (i = 0; i < ci->children_num; i++)
696 {
697 oconfig_item_t *child = ci->children + i;
699 if (strcasecmp ("Instance", child->key) == 0)
700 cldap_config_add (child);
701 else
702 WARNING ("openldap plugin: The configuration option "
703 "\"%s\" is not allowed here. Did you "
704 "forget to add an <Instance /> block "
705 "around the configuration?",
706 child->key);
707 } /* for (ci->children) */
709 return (status);
710 } /* }}} int cldap_config */
712 /* }}} End of configuration handling functions */
714 static int cldap_init (void) /* {{{ */
715 {
716 /* Initialize LDAP library while still single-threaded as recommended in
717 * ldap_initialize(3) */
718 int debug_level;
719 ldap_get_option (NULL, LDAP_OPT_DEBUG_LEVEL, &debug_level);
720 return (0);
721 } /* }}} int cldap_init */
723 static int cldap_shutdown (void) /* {{{ */
724 {
725 size_t i;
727 for (i = 0; i < databases_num; i++)
728 if (databases[i]->ld != NULL)
729 ldap_unbind_ext_s (databases[i]->ld, NULL, NULL);
730 sfree (databases);
731 databases_num = 0;
733 return (0);
734 } /* }}} int cldap_shutdown */
736 void module_register (void) /* {{{ */
737 {
738 plugin_register_complex_config ("openldap", cldap_config);
739 plugin_register_init ("openldap", cldap_init);
740 plugin_register_shutdown ("openldap", cldap_shutdown);
741 } /* }}} void module_register */
743 #if defined(__APPLE__)
744 #pragma clang diagnostic pop
745 #endif