1 /**
2 * collectd - src/openldap.c
3 * Copyright (C) 2011 Kimo Rosenbaum
4 * Copyright (C) 2014-2015 Marc Fournier
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a
7 * copy of this software and associated documentation files (the "Software"),
8 * to deal in the Software without restriction, including without limitation
9 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
10 * and/or sell copies of the Software, and to permit persons to whom the
11 * Software is furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
22 * DEALINGS IN THE SOFTWARE.
23 *
24 * Authors:
25 * Kimo Rosenbaum <kimor79 at yahoo.com>
26 * Marc Fournier <marc.fournier at camptocamp.com>
27 **/
29 #include "collectd.h"
31 #include "common.h"
32 #include "plugin.h"
34 #if defined(__APPLE__)
35 #pragma clang diagnostic push
36 #pragma clang diagnostic warning "-Wdeprecated-declarations"
37 #endif
39 #include <lber.h>
40 #include <ldap.h>
42 struct cldap_s /* {{{ */
43 {
44 char *name;
46 char *binddn;
47 char *password;
48 char *cacert;
49 char *host;
50 int state;
51 _Bool starttls;
52 int timeout;
53 char *url;
54 _Bool verifyhost;
55 int version;
57 LDAP *ld;
58 };
59 typedef struct cldap_s cldap_t; /* }}} */
61 static cldap_t **databases = NULL;
62 static size_t databases_num = 0;
64 static void cldap_free (cldap_t *st) /* {{{ */
65 {
66 if (st == NULL)
67 return;
69 sfree (st->binddn);
70 sfree (st->password);
71 sfree (st->cacert);
72 sfree (st->host);
73 sfree (st->name);
74 sfree (st->url);
75 if (st->ld)
76 ldap_memfree (st->ld);
77 sfree (st);
78 } /* }}} void cldap_free */
80 /* initialize ldap for each host */
81 static int cldap_init_host (cldap_t *st) /* {{{ */
82 {
83 LDAP *ld;
84 int rc;
86 if (st->state && st->ld)
87 {
88 DEBUG ("openldap plugin: Already connected to %s", st->url);
89 return (0);
90 }
92 rc = ldap_initialize (&ld, st->url);
93 if (rc != LDAP_SUCCESS)
94 {
95 ERROR ("openldap plugin: ldap_initialize failed: %s",
96 ldap_err2string (rc));
97 st->state = 0;
98 ldap_unbind_ext_s (ld, NULL, NULL);
99 return (-1);
100 }
102 st->ld = ld;
104 ldap_set_option (st->ld, LDAP_OPT_PROTOCOL_VERSION, &st->version);
106 ldap_set_option (st->ld, LDAP_OPT_TIMEOUT,
107 &(const struct timeval){st->timeout, 0});
109 ldap_set_option (st->ld, LDAP_OPT_RESTART, LDAP_OPT_ON);
111 if (st->cacert != NULL)
112 ldap_set_option (st->ld, LDAP_OPT_X_TLS_CACERTFILE, st->cacert);
114 if (st->verifyhost == 0)
115 {
116 int never = LDAP_OPT_X_TLS_NEVER;
117 ldap_set_option (st->ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &never);
118 }
120 if (st->starttls != 0)
121 {
122 rc = ldap_start_tls_s (ld, NULL, NULL);
123 if (rc != LDAP_SUCCESS)
124 {
125 ERROR ("openldap plugin: Failed to start tls on %s: %s",
126 st->url, ldap_err2string (rc));
127 st->state = 0;
128 ldap_unbind_ext_s (st->ld, NULL, NULL);
129 return (-1);
130 }
131 }
133 struct berval cred;
134 if (st->password != NULL)
135 {
136 cred.bv_val = st->password;
137 cred.bv_len = strlen (st->password);
138 }
139 else
140 {
141 cred.bv_val = "";
142 cred.bv_len = 0;
143 }
145 rc = ldap_sasl_bind_s (st->ld, st->binddn, LDAP_SASL_SIMPLE, &cred,
146 NULL, NULL, NULL);
147 if (rc != LDAP_SUCCESS)
148 {
149 ERROR ("openldap plugin: Failed to bind to %s: %s",
150 st->url, ldap_err2string (rc));
151 st->state = 0;
152 ldap_unbind_ext_s (st->ld, NULL, NULL);
153 return (-1);
154 }
155 else
156 {
157 DEBUG ("openldap plugin: Successfully connected to %s",
158 st->url);
159 st->state = 1;
160 return (0);
161 }
162 } /* }}} static cldap_init_host */
164 static void cldap_submit_value (const char *type, const char *type_instance, /* {{{ */
165 value_t value, cldap_t *st)
166 {
167 value_list_t vl = VALUE_LIST_INIT;
169 vl.values = &value;
170 vl.values_len = 1;
172 if ((st->host == NULL)
173 || (strcmp ("", st->host) == 0)
174 || (strcmp ("localhost", st->host) == 0))
175 sstrncpy (vl.host, hostname_g, sizeof (vl.host));
176 else
177 sstrncpy (vl.host, st->host, sizeof (vl.host));
179 sstrncpy (vl.plugin, "openldap", sizeof (vl.plugin));
180 if (st->name != NULL)
181 sstrncpy (vl.plugin_instance, st->name,
182 sizeof (vl.plugin_instance));
184 sstrncpy (vl.type, type, sizeof (vl.type));
185 if (type_instance != NULL)
186 sstrncpy (vl.type_instance, type_instance,
187 sizeof (vl.type_instance));
189 plugin_dispatch_values (&vl);
190 } /* }}} void cldap_submit_value */
192 static void cldap_submit_derive (const char *type, const char *type_instance, /* {{{ */
193 derive_t d, cldap_t *st)
194 {
195 cldap_submit_value (type, type_instance, (value_t) { .derive = d }, st);
196 } /* }}} void cldap_submit_derive */
198 static void cldap_submit_gauge (const char *type, const char *type_instance, /* {{{ */
199 gauge_t g, cldap_t *st)
200 {
201 cldap_submit_value (type, type_instance, (value_t) { .gauge = g }, st);
202 } /* }}} void cldap_submit_gauge */
204 static int cldap_read_host (user_data_t *ud) /* {{{ */
205 {
206 cldap_t *st;
207 LDAPMessage *result;
208 char *dn;
209 int rc;
210 int status;
212 char *attrs[9] = { "monitorCounter",
213 "monitorOpCompleted",
214 "monitorOpInitiated",
215 "monitoredInfo",
216 "olmBDBEntryCache",
217 "olmBDBDNCache",
218 "olmBDBIDLCache",
219 "namingContexts",
220 NULL };
222 if ((ud == NULL) || (ud->data == NULL))
223 {
224 ERROR ("openldap plugin: cldap_read_host: Invalid user data.");
225 return (-1);
226 }
228 st = (cldap_t *) ud->data;
230 status = cldap_init_host (st);
231 if (status != 0)
232 return (-1);
234 rc = ldap_search_ext_s (st->ld, "cn=Monitor", LDAP_SCOPE_SUBTREE,
235 "(|(!(cn=* *))(cn=Database*))", attrs, 0,
236 NULL, NULL, NULL, 0, &result);
238 if (rc != LDAP_SUCCESS)
239 {
240 ERROR ("openldap plugin: Failed to execute search: %s",
241 ldap_err2string (rc));
242 ldap_msgfree (result);
243 st->state = 0;
244 ldap_unbind_ext_s (st->ld, NULL, NULL);
245 return (-1);
246 }
248 for (LDAPMessage *e = ldap_first_entry (st->ld, result); e != NULL;
249 e = ldap_next_entry (st->ld, e))
250 {
251 if ((dn = ldap_get_dn (st->ld, e)) != NULL)
252 {
253 unsigned long long counter = 0;
254 unsigned long long opc = 0;
255 unsigned long long opi = 0;
256 unsigned long long info = 0;
258 struct berval counter_data;
259 struct berval opc_data;
260 struct berval opi_data;
261 struct berval info_data;
262 struct berval olmbdb_data;
263 struct berval nc_data;
265 struct berval **counter_list;
266 struct berval **opc_list;
267 struct berval **opi_list;
268 struct berval **info_list;
269 struct berval **olmbdb_list;
270 struct berval **nc_list;
272 if ((counter_list = ldap_get_values_len (st->ld, e,
273 "monitorCounter")) != NULL)
274 {
275 counter_data = *counter_list[0];
276 counter = atoll (counter_data.bv_val);
277 }
279 if ((opc_list = ldap_get_values_len (st->ld, e,
280 "monitorOpCompleted")) != NULL)
281 {
282 opc_data = *opc_list[0];
283 opc = atoll (opc_data.bv_val);
284 }
286 if ((opi_list = ldap_get_values_len (st->ld, e,
287 "monitorOpInitiated")) != NULL)
288 {
289 opi_data = *opi_list[0];
290 opi = atoll (opi_data.bv_val);
291 }
293 if ((info_list = ldap_get_values_len (st->ld, e,
294 "monitoredInfo")) != NULL)
295 {
296 info_data = *info_list[0];
297 info = atoll (info_data.bv_val);
298 }
300 if (strcmp (dn, "cn=Total,cn=Connections,cn=Monitor")
301 == 0)
302 {
303 cldap_submit_derive ("total_connections", NULL,
304 counter, st);
305 }
306 else if (strcmp (dn,
307 "cn=Current,cn=Connections,cn=Monitor")
308 == 0)
309 {
310 cldap_submit_gauge ("current_connections", NULL,
311 counter, st);
312 }
313 else if (strcmp (dn,
314 "cn=Operations,cn=Monitor") == 0)
315 {
316 cldap_submit_derive ("operations",
317 "completed", opc, st);
318 cldap_submit_derive ("operations",
319 "initiated", opi, st);
320 }
321 else if (strcmp (dn,
322 "cn=Bind,cn=Operations,cn=Monitor")
323 == 0)
324 {
325 cldap_submit_derive ("operations",
326 "bind-completed", opc, st);
327 cldap_submit_derive ("operations",
328 "bind-initiated", opi, st);
329 }
330 else if (strcmp (dn,
331 "cn=UnBind,cn=Operations,cn=Monitor")
332 == 0)
333 {
334 cldap_submit_derive ("operations",
335 "unbind-completed", opc, st);
336 cldap_submit_derive ("operations",
337 "unbind-initiated", opi, st);
338 }
339 else if (strcmp (dn,
340 "cn=Search,cn=Operations,cn=Monitor")
341 == 0)
342 {
343 cldap_submit_derive ("operations",
344 "search-completed", opc, st);
345 cldap_submit_derive ("operations",
346 "search-initiated", opi, st);
347 }
348 else if (strcmp (dn,
349 "cn=Compare,cn=Operations,cn=Monitor")
350 == 0)
351 {
352 cldap_submit_derive ("operations",
353 "compare-completed", opc, st);
354 cldap_submit_derive ("operations",
355 "compare-initiated", opi, st);
356 }
357 else if (strcmp (dn,
358 "cn=Modify,cn=Operations,cn=Monitor")
359 == 0)
360 {
361 cldap_submit_derive ("operations",
362 "modify-completed", opc, st);
363 cldap_submit_derive ("operations",
364 "modify-initiated", opi, st);
365 }
366 else if (strcmp (dn,
367 "cn=Modrdn,cn=Operations,cn=Monitor")
368 == 0)
369 {
370 cldap_submit_derive ("operations",
371 "modrdn-completed", opc, st);
372 cldap_submit_derive ("operations",
373 "modrdn-initiated", opi, st);
374 }
375 else if (strcmp (dn,
376 "cn=Add,cn=Operations,cn=Monitor")
377 == 0)
378 {
379 cldap_submit_derive ("operations",
380 "add-completed", opc, st);
381 cldap_submit_derive ("operations",
382 "add-initiated", opi, st);
383 }
384 else if (strcmp (dn,
385 "cn=Delete,cn=Operations,cn=Monitor")
386 == 0)
387 {
388 cldap_submit_derive ("operations",
389 "delete-completed", opc, st);
390 cldap_submit_derive ("operations",
391 "delete-initiated", opi, st);
392 }
393 else if (strcmp (dn,
394 "cn=Abandon,cn=Operations,cn=Monitor")
395 == 0)
396 {
397 cldap_submit_derive ("operations",
398 "abandon-completed", opc, st);
399 cldap_submit_derive ("operations",
400 "abandon-initiated", opi, st);
401 }
402 else if (strcmp (dn,
403 "cn=Extended,cn=Operations,cn=Monitor")
404 == 0)
405 {
406 cldap_submit_derive ("operations",
407 "extended-completed", opc, st);
408 cldap_submit_derive ("operations",
409 "extended-initiated", opi, st);
410 }
411 else if ((strncmp (dn, "cn=Database", 11) == 0)
412 && ((nc_list = ldap_get_values_len
413 (st->ld, e, "namingContexts")) != NULL))
414 {
415 nc_data = *nc_list[0];
416 char typeinst[DATA_MAX_NAME_LEN];
418 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
419 "olmBDBEntryCache")) != NULL)
420 {
421 olmbdb_data = *olmbdb_list[0];
422 ssnprintf (typeinst, sizeof (typeinst),
423 "bdbentrycache-%s", nc_data.bv_val);
424 cldap_submit_gauge ("cache_size", typeinst,
425 atoll (olmbdb_data.bv_val), st);
426 ldap_value_free_len (olmbdb_list);
427 }
429 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
430 "olmBDBDNCache")) != NULL)
431 {
432 olmbdb_data = *olmbdb_list[0];
433 ssnprintf (typeinst, sizeof (typeinst),
434 "bdbdncache-%s", nc_data.bv_val);
435 cldap_submit_gauge ("cache_size", typeinst,
436 atoll (olmbdb_data.bv_val), st);
437 ldap_value_free_len (olmbdb_list);
438 }
440 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
441 "olmBDBIDLCache")) != NULL)
442 {
443 olmbdb_data = *olmbdb_list[0];
444 ssnprintf (typeinst, sizeof (typeinst),
445 "bdbidlcache-%s", nc_data.bv_val);
446 cldap_submit_gauge ("cache_size", typeinst,
447 atoll (olmbdb_data.bv_val), st);
448 ldap_value_free_len (olmbdb_list);
449 }
451 ldap_value_free_len (nc_list);
452 }
453 else if (strcmp (dn,
454 "cn=Bytes,cn=Statistics,cn=Monitor")
455 == 0)
456 {
457 cldap_submit_derive ("derive", "statistics-bytes",
458 counter, st);
459 }
460 else if (strcmp (dn,
461 "cn=PDU,cn=Statistics,cn=Monitor")
462 == 0)
463 {
464 cldap_submit_derive ("derive", "statistics-pdu",
465 counter, st);
466 }
467 else if (strcmp (dn,
468 "cn=Entries,cn=Statistics,cn=Monitor")
469 == 0)
470 {
471 cldap_submit_derive ("derive", "statistics-entries",
472 counter, st);
473 }
474 else if (strcmp (dn,
475 "cn=Referrals,cn=Statistics,cn=Monitor")
476 == 0)
477 {
478 cldap_submit_derive ("derive", "statistics-referrals",
479 counter, st);
480 }
481 else if (strcmp (dn,
482 "cn=Open,cn=Threads,cn=Monitor")
483 == 0)
484 {
485 cldap_submit_gauge ("threads", "threads-open",
486 info, st);
487 }
488 else if (strcmp (dn,
489 "cn=Starting,cn=Threads,cn=Monitor")
490 == 0)
491 {
492 cldap_submit_gauge ("threads", "threads-starting",
493 info, st);
494 }
495 else if (strcmp (dn,
496 "cn=Active,cn=Threads,cn=Monitor")
497 == 0)
498 {
499 cldap_submit_gauge ("threads", "threads-active",
500 info, st);
501 }
502 else if (strcmp (dn,
503 "cn=Pending,cn=Threads,cn=Monitor")
504 == 0)
505 {
506 cldap_submit_gauge ("threads", "threads-pending",
507 info, st);
508 }
509 else if (strcmp (dn,
510 "cn=Backload,cn=Threads,cn=Monitor")
511 == 0)
512 {
513 cldap_submit_gauge ("threads", "threads-backload",
514 info, st);
515 }
516 else if (strcmp (dn,
517 "cn=Read,cn=Waiters,cn=Monitor")
518 == 0)
519 {
520 cldap_submit_derive ("derive", "waiters-read",
521 counter, st);
522 }
523 else if (strcmp (dn,
524 "cn=Write,cn=Waiters,cn=Monitor")
525 == 0)
526 {
527 cldap_submit_derive ("derive", "waiters-write",
528 counter, st);
529 }
531 ldap_value_free_len (counter_list);
532 ldap_value_free_len (opc_list);
533 ldap_value_free_len (opi_list);
534 ldap_value_free_len (info_list);
535 }
537 ldap_memfree (dn);
538 }
540 ldap_msgfree (result);
541 return (0);
542 } /* }}} int cldap_read_host */
544 /* Configuration handling functions {{{
545 *
546 * <Plugin ldap>
547 * <Instance "plugin_instance1">
548 * URL "ldap://localhost"
549 * ...
550 * </Instance>
551 * </Plugin>
552 */
554 static int cldap_config_add (oconfig_item_t *ci) /* {{{ */
555 {
556 cldap_t *st;
557 int status;
559 st = calloc (1, sizeof (*st));
560 if (st == NULL)
561 {
562 ERROR ("openldap plugin: calloc failed.");
563 return (-1);
564 }
566 status = cf_util_get_string (ci, &st->name);
567 if (status != 0)
568 {
569 sfree (st);
570 return (status);
571 }
573 st->starttls = 0;
574 st->timeout = (long) (CDTIME_T_TO_MS(plugin_get_interval()) / 1000);
575 st->verifyhost = 1;
576 st->version = LDAP_VERSION3;
578 for (int i = 0; i < ci->children_num; i++)
579 {
580 oconfig_item_t *child = ci->children + i;
582 if (strcasecmp ("BindDN", child->key) == 0)
583 status = cf_util_get_string (child, &st->binddn);
584 else if (strcasecmp ("Password", child->key) == 0)
585 status = cf_util_get_string (child, &st->password);
586 else if (strcasecmp ("CACert", child->key) == 0)
587 status = cf_util_get_string (child, &st->cacert);
588 else if (strcasecmp ("StartTLS", child->key) == 0)
589 status = cf_util_get_boolean (child, &st->starttls);
590 else if (strcasecmp ("Timeout", child->key) == 0)
591 status = cf_util_get_int (child, &st->timeout);
592 else if (strcasecmp ("URL", child->key) == 0)
593 status = cf_util_get_string (child, &st->url);
594 else if (strcasecmp ("VerifyHost", child->key) == 0)
595 status = cf_util_get_boolean (child, &st->verifyhost);
596 else if (strcasecmp ("Version", child->key) == 0)
597 status = cf_util_get_int (child, &st->version);
598 else
599 {
600 WARNING ("openldap plugin: Option `%s' not allowed here.",
601 child->key);
602 status = -1;
603 }
605 if (status != 0)
606 break;
607 }
609 /* Check if struct is complete.. */
610 if ((status == 0) && (st->url == NULL))
611 {
612 ERROR ("openldap plugin: Instance `%s': "
613 "No URL has been configured.",
614 st->name);
615 status = -1;
616 }
618 /* Check if URL is valid */
619 if ((status == 0) && (st->url != NULL))
620 {
621 LDAPURLDesc *ludpp;
623 if (ldap_url_parse (st->url, &ludpp) != 0)
624 {
625 ERROR ("openldap plugin: Instance `%s': "
626 "Invalid URL: `%s'",
627 st->name, st->url);
628 status = -1;
629 }
631 if ((status == 0) && (ludpp->lud_host != NULL))
632 st->host = strdup (ludpp->lud_host);
634 ldap_free_urldesc (ludpp);
635 }
637 if (status == 0)
638 {
639 cldap_t **temp;
641 temp = (cldap_t **) realloc (databases,
642 sizeof (*databases) * (databases_num + 1));
644 if (temp == NULL)
645 {
646 ERROR ("openldap plugin: realloc failed");
647 status = -1;
648 }
649 else
650 {
651 char callback_name[3*DATA_MAX_NAME_LEN] = { 0 };
653 databases = temp;
654 databases[databases_num] = st;
655 databases_num++;
657 ssnprintf (callback_name, sizeof (callback_name),
658 "openldap/%s/%s",
659 (st->host != NULL) ? st->host : hostname_g,
660 (st->name != NULL) ? st->name : "default");
662 status = plugin_register_complex_read (/* group = */ NULL,
663 /* name = */ callback_name,
664 /* callback = */ cldap_read_host,
665 /* interval = */ 0,
666 &(user_data_t) {
667 .data = st,
668 });
669 }
670 }
672 if (status != 0)
673 {
674 cldap_free (st);
675 return (-1);
676 }
678 return (0);
679 } /* }}} int cldap_config_add */
681 static int cldap_config (oconfig_item_t *ci) /* {{{ */
682 {
683 int status = 0;
685 for (int i = 0; i < ci->children_num; i++)
686 {
687 oconfig_item_t *child = ci->children + i;
689 if (strcasecmp ("Instance", child->key) == 0)
690 cldap_config_add (child);
691 else
692 WARNING ("openldap plugin: The configuration option "
693 "\"%s\" is not allowed here. Did you "
694 "forget to add an <Instance /> block "
695 "around the configuration?",
696 child->key);
697 } /* for (ci->children) */
699 return (status);
700 } /* }}} int cldap_config */
702 /* }}} End of configuration handling functions */
704 static int cldap_init (void) /* {{{ */
705 {
706 /* Initialize LDAP library while still single-threaded as recommended in
707 * ldap_initialize(3) */
708 int debug_level;
709 ldap_get_option (NULL, LDAP_OPT_DEBUG_LEVEL, &debug_level);
710 return (0);
711 } /* }}} int cldap_init */
713 static int cldap_shutdown (void) /* {{{ */
714 {
715 for (size_t i = 0; i < databases_num; i++)
716 if (databases[i]->ld != NULL)
717 ldap_unbind_ext_s (databases[i]->ld, NULL, NULL);
718 sfree (databases);
719 databases_num = 0;
721 return (0);
722 } /* }}} int cldap_shutdown */
724 void module_register (void) /* {{{ */
725 {
726 plugin_register_complex_config ("openldap", cldap_config);
727 plugin_register_init ("openldap", cldap_init);
728 plugin_register_shutdown ("openldap", cldap_shutdown);
729 } /* }}} void module_register */
731 #if defined(__APPLE__)
732 #pragma clang diagnostic pop
733 #endif