1 /**
2 * collectd - src/openldap.c
3 * Copyright (C) 2011 Kimo Rosenbaum
4 * Copyright (C) 2014-2015 Marc Fournier
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a
7 * copy of this software and associated documentation files (the "Software"),
8 * to deal in the Software without restriction, including without limitation
9 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
10 * and/or sell copies of the Software, and to permit persons to whom the
11 * Software is furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
22 * DEALINGS IN THE SOFTWARE.
23 *
24 * Authors:
25 * Kimo Rosenbaum <kimor79 at yahoo.com>
26 * Marc Fournier <marc.fournier at camptocamp.com>
27 **/
29 #include "collectd.h"
31 #include "common.h"
32 #include "plugin.h"
34 #if defined(__APPLE__)
35 #pragma clang diagnostic push
36 #pragma clang diagnostic warning "-Wdeprecated-declarations"
37 #endif
39 #include <lber.h>
40 #include <ldap.h>
42 struct cldap_s /* {{{ */
43 {
44 char *name;
46 char *binddn;
47 char *password;
48 char *cacert;
49 char *host;
50 int state;
51 _Bool starttls;
52 int timeout;
53 char *url;
54 _Bool verifyhost;
55 int version;
57 LDAP *ld;
58 };
59 typedef struct cldap_s cldap_t; /* }}} */
61 static cldap_t **databases = NULL;
62 static size_t databases_num = 0;
64 static void cldap_free (cldap_t *st) /* {{{ */
65 {
66 if (st == NULL)
67 return;
69 sfree (st->binddn);
70 sfree (st->password);
71 sfree (st->cacert);
72 sfree (st->host);
73 sfree (st->name);
74 sfree (st->url);
75 if (st->ld)
76 ldap_memfree (st->ld);
77 sfree (st);
78 } /* }}} void cldap_free */
80 /* initialize ldap for each host */
81 static int cldap_init_host (cldap_t *st) /* {{{ */
82 {
83 LDAP *ld;
84 int rc;
86 if (st->state && st->ld)
87 {
88 DEBUG ("openldap plugin: Already connected to %s", st->url);
89 return (0);
90 }
92 rc = ldap_initialize (&ld, st->url);
93 if (rc != LDAP_SUCCESS)
94 {
95 ERROR ("openldap plugin: ldap_initialize failed: %s",
96 ldap_err2string (rc));
97 st->state = 0;
98 ldap_unbind_ext_s (ld, NULL, NULL);
99 return (-1);
100 }
102 st->ld = ld;
104 ldap_set_option (st->ld, LDAP_OPT_PROTOCOL_VERSION, &st->version);
106 ldap_set_option (st->ld, LDAP_OPT_TIMEOUT,
107 &(const struct timeval){st->timeout, 0});
109 ldap_set_option (st->ld, LDAP_OPT_RESTART, LDAP_OPT_ON);
111 if (st->cacert != NULL)
112 ldap_set_option (st->ld, LDAP_OPT_X_TLS_CACERTFILE, st->cacert);
114 if (st->verifyhost == 0)
115 {
116 int never = LDAP_OPT_X_TLS_NEVER;
117 ldap_set_option (st->ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &never);
118 }
120 if (st->starttls != 0)
121 {
122 rc = ldap_start_tls_s (ld, NULL, NULL);
123 if (rc != LDAP_SUCCESS)
124 {
125 ERROR ("openldap plugin: Failed to start tls on %s: %s",
126 st->url, ldap_err2string (rc));
127 st->state = 0;
128 ldap_unbind_ext_s (st->ld, NULL, NULL);
129 return (-1);
130 }
131 }
133 struct berval cred;
134 if (st->password != NULL)
135 {
136 cred.bv_val = st->password;
137 cred.bv_len = strlen (st->password);
138 }
139 else
140 {
141 cred.bv_val = "";
142 cred.bv_len = 0;
143 }
145 rc = ldap_sasl_bind_s (st->ld, st->binddn, LDAP_SASL_SIMPLE, &cred,
146 NULL, NULL, NULL);
147 if (rc != LDAP_SUCCESS)
148 {
149 ERROR ("openldap plugin: Failed to bind to %s: %s",
150 st->url, ldap_err2string (rc));
151 st->state = 0;
152 ldap_unbind_ext_s (st->ld, NULL, NULL);
153 return (-1);
154 }
155 else
156 {
157 DEBUG ("openldap plugin: Successfully connected to %s",
158 st->url);
159 st->state = 1;
160 return (0);
161 }
162 } /* }}} static cldap_init_host */
164 static void cldap_submit_value (const char *type, const char *type_instance, /* {{{ */
165 value_t value, cldap_t *st)
166 {
167 value_list_t vl = VALUE_LIST_INIT;
169 vl.values = &value;
170 vl.values_len = 1;
172 if ((st->host != NULL) && (strcmp ("localhost", st->host) != 0))
173 sstrncpy (vl.host, st->host, sizeof (vl.host));
175 sstrncpy (vl.plugin, "openldap", sizeof (vl.plugin));
176 if (st->name != NULL)
177 sstrncpy (vl.plugin_instance, st->name,
178 sizeof (vl.plugin_instance));
180 sstrncpy (vl.type, type, sizeof (vl.type));
181 if (type_instance != NULL)
182 sstrncpy (vl.type_instance, type_instance,
183 sizeof (vl.type_instance));
185 plugin_dispatch_values (&vl);
186 } /* }}} void cldap_submit_value */
188 static void cldap_submit_derive (const char *type, const char *type_instance, /* {{{ */
189 derive_t d, cldap_t *st)
190 {
191 cldap_submit_value (type, type_instance, (value_t) { .derive = d }, st);
192 } /* }}} void cldap_submit_derive */
194 static void cldap_submit_gauge (const char *type, const char *type_instance, /* {{{ */
195 gauge_t g, cldap_t *st)
196 {
197 cldap_submit_value (type, type_instance, (value_t) { .gauge = g }, st);
198 } /* }}} void cldap_submit_gauge */
200 static int cldap_read_host (user_data_t *ud) /* {{{ */
201 {
202 cldap_t *st;
203 LDAPMessage *result;
204 char *dn;
205 int rc;
206 int status;
208 char *attrs[9] = { "monitorCounter",
209 "monitorOpCompleted",
210 "monitorOpInitiated",
211 "monitoredInfo",
212 "olmBDBEntryCache",
213 "olmBDBDNCache",
214 "olmBDBIDLCache",
215 "namingContexts",
216 NULL };
218 if ((ud == NULL) || (ud->data == NULL))
219 {
220 ERROR ("openldap plugin: cldap_read_host: Invalid user data.");
221 return (-1);
222 }
224 st = (cldap_t *) ud->data;
226 status = cldap_init_host (st);
227 if (status != 0)
228 return (-1);
230 rc = ldap_search_ext_s (st->ld, "cn=Monitor", LDAP_SCOPE_SUBTREE,
231 "(|(!(cn=* *))(cn=Database*))", attrs, 0,
232 NULL, NULL, NULL, 0, &result);
234 if (rc != LDAP_SUCCESS)
235 {
236 ERROR ("openldap plugin: Failed to execute search: %s",
237 ldap_err2string (rc));
238 ldap_msgfree (result);
239 st->state = 0;
240 ldap_unbind_ext_s (st->ld, NULL, NULL);
241 return (-1);
242 }
244 for (LDAPMessage *e = ldap_first_entry (st->ld, result); e != NULL;
245 e = ldap_next_entry (st->ld, e))
246 {
247 if ((dn = ldap_get_dn (st->ld, e)) != NULL)
248 {
249 unsigned long long counter = 0;
250 unsigned long long opc = 0;
251 unsigned long long opi = 0;
252 unsigned long long info = 0;
254 struct berval counter_data;
255 struct berval opc_data;
256 struct berval opi_data;
257 struct berval info_data;
258 struct berval olmbdb_data;
259 struct berval nc_data;
261 struct berval **counter_list;
262 struct berval **opc_list;
263 struct berval **opi_list;
264 struct berval **info_list;
265 struct berval **olmbdb_list;
266 struct berval **nc_list;
268 if ((counter_list = ldap_get_values_len (st->ld, e,
269 "monitorCounter")) != NULL)
270 {
271 counter_data = *counter_list[0];
272 counter = atoll (counter_data.bv_val);
273 }
275 if ((opc_list = ldap_get_values_len (st->ld, e,
276 "monitorOpCompleted")) != NULL)
277 {
278 opc_data = *opc_list[0];
279 opc = atoll (opc_data.bv_val);
280 }
282 if ((opi_list = ldap_get_values_len (st->ld, e,
283 "monitorOpInitiated")) != NULL)
284 {
285 opi_data = *opi_list[0];
286 opi = atoll (opi_data.bv_val);
287 }
289 if ((info_list = ldap_get_values_len (st->ld, e,
290 "monitoredInfo")) != NULL)
291 {
292 info_data = *info_list[0];
293 info = atoll (info_data.bv_val);
294 }
296 if (strcmp (dn, "cn=Total,cn=Connections,cn=Monitor")
297 == 0)
298 {
299 cldap_submit_derive ("total_connections", NULL,
300 counter, st);
301 }
302 else if (strcmp (dn,
303 "cn=Current,cn=Connections,cn=Monitor")
304 == 0)
305 {
306 cldap_submit_gauge ("current_connections", NULL,
307 counter, st);
308 }
309 else if (strcmp (dn,
310 "cn=Operations,cn=Monitor") == 0)
311 {
312 cldap_submit_derive ("operations",
313 "completed", opc, st);
314 cldap_submit_derive ("operations",
315 "initiated", opi, st);
316 }
317 else if (strcmp (dn,
318 "cn=Bind,cn=Operations,cn=Monitor")
319 == 0)
320 {
321 cldap_submit_derive ("operations",
322 "bind-completed", opc, st);
323 cldap_submit_derive ("operations",
324 "bind-initiated", opi, st);
325 }
326 else if (strcmp (dn,
327 "cn=UnBind,cn=Operations,cn=Monitor")
328 == 0)
329 {
330 cldap_submit_derive ("operations",
331 "unbind-completed", opc, st);
332 cldap_submit_derive ("operations",
333 "unbind-initiated", opi, st);
334 }
335 else if (strcmp (dn,
336 "cn=Search,cn=Operations,cn=Monitor")
337 == 0)
338 {
339 cldap_submit_derive ("operations",
340 "search-completed", opc, st);
341 cldap_submit_derive ("operations",
342 "search-initiated", opi, st);
343 }
344 else if (strcmp (dn,
345 "cn=Compare,cn=Operations,cn=Monitor")
346 == 0)
347 {
348 cldap_submit_derive ("operations",
349 "compare-completed", opc, st);
350 cldap_submit_derive ("operations",
351 "compare-initiated", opi, st);
352 }
353 else if (strcmp (dn,
354 "cn=Modify,cn=Operations,cn=Monitor")
355 == 0)
356 {
357 cldap_submit_derive ("operations",
358 "modify-completed", opc, st);
359 cldap_submit_derive ("operations",
360 "modify-initiated", opi, st);
361 }
362 else if (strcmp (dn,
363 "cn=Modrdn,cn=Operations,cn=Monitor")
364 == 0)
365 {
366 cldap_submit_derive ("operations",
367 "modrdn-completed", opc, st);
368 cldap_submit_derive ("operations",
369 "modrdn-initiated", opi, st);
370 }
371 else if (strcmp (dn,
372 "cn=Add,cn=Operations,cn=Monitor")
373 == 0)
374 {
375 cldap_submit_derive ("operations",
376 "add-completed", opc, st);
377 cldap_submit_derive ("operations",
378 "add-initiated", opi, st);
379 }
380 else if (strcmp (dn,
381 "cn=Delete,cn=Operations,cn=Monitor")
382 == 0)
383 {
384 cldap_submit_derive ("operations",
385 "delete-completed", opc, st);
386 cldap_submit_derive ("operations",
387 "delete-initiated", opi, st);
388 }
389 else if (strcmp (dn,
390 "cn=Abandon,cn=Operations,cn=Monitor")
391 == 0)
392 {
393 cldap_submit_derive ("operations",
394 "abandon-completed", opc, st);
395 cldap_submit_derive ("operations",
396 "abandon-initiated", opi, st);
397 }
398 else if (strcmp (dn,
399 "cn=Extended,cn=Operations,cn=Monitor")
400 == 0)
401 {
402 cldap_submit_derive ("operations",
403 "extended-completed", opc, st);
404 cldap_submit_derive ("operations",
405 "extended-initiated", opi, st);
406 }
407 else if ((strncmp (dn, "cn=Database", 11) == 0)
408 && ((nc_list = ldap_get_values_len
409 (st->ld, e, "namingContexts")) != NULL))
410 {
411 nc_data = *nc_list[0];
412 char typeinst[DATA_MAX_NAME_LEN];
414 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
415 "olmBDBEntryCache")) != NULL)
416 {
417 olmbdb_data = *olmbdb_list[0];
418 ssnprintf (typeinst, sizeof (typeinst),
419 "bdbentrycache-%s", nc_data.bv_val);
420 cldap_submit_gauge ("cache_size", typeinst,
421 atoll (olmbdb_data.bv_val), st);
422 ldap_value_free_len (olmbdb_list);
423 }
425 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
426 "olmBDBDNCache")) != NULL)
427 {
428 olmbdb_data = *olmbdb_list[0];
429 ssnprintf (typeinst, sizeof (typeinst),
430 "bdbdncache-%s", nc_data.bv_val);
431 cldap_submit_gauge ("cache_size", typeinst,
432 atoll (olmbdb_data.bv_val), st);
433 ldap_value_free_len (olmbdb_list);
434 }
436 if ((olmbdb_list = ldap_get_values_len (st->ld, e,
437 "olmBDBIDLCache")) != NULL)
438 {
439 olmbdb_data = *olmbdb_list[0];
440 ssnprintf (typeinst, sizeof (typeinst),
441 "bdbidlcache-%s", nc_data.bv_val);
442 cldap_submit_gauge ("cache_size", typeinst,
443 atoll (olmbdb_data.bv_val), st);
444 ldap_value_free_len (olmbdb_list);
445 }
447 ldap_value_free_len (nc_list);
448 }
449 else if (strcmp (dn,
450 "cn=Bytes,cn=Statistics,cn=Monitor")
451 == 0)
452 {
453 cldap_submit_derive ("derive", "statistics-bytes",
454 counter, st);
455 }
456 else if (strcmp (dn,
457 "cn=PDU,cn=Statistics,cn=Monitor")
458 == 0)
459 {
460 cldap_submit_derive ("derive", "statistics-pdu",
461 counter, st);
462 }
463 else if (strcmp (dn,
464 "cn=Entries,cn=Statistics,cn=Monitor")
465 == 0)
466 {
467 cldap_submit_derive ("derive", "statistics-entries",
468 counter, st);
469 }
470 else if (strcmp (dn,
471 "cn=Referrals,cn=Statistics,cn=Monitor")
472 == 0)
473 {
474 cldap_submit_derive ("derive", "statistics-referrals",
475 counter, st);
476 }
477 else if (strcmp (dn,
478 "cn=Open,cn=Threads,cn=Monitor")
479 == 0)
480 {
481 cldap_submit_gauge ("threads", "threads-open",
482 info, st);
483 }
484 else if (strcmp (dn,
485 "cn=Starting,cn=Threads,cn=Monitor")
486 == 0)
487 {
488 cldap_submit_gauge ("threads", "threads-starting",
489 info, st);
490 }
491 else if (strcmp (dn,
492 "cn=Active,cn=Threads,cn=Monitor")
493 == 0)
494 {
495 cldap_submit_gauge ("threads", "threads-active",
496 info, st);
497 }
498 else if (strcmp (dn,
499 "cn=Pending,cn=Threads,cn=Monitor")
500 == 0)
501 {
502 cldap_submit_gauge ("threads", "threads-pending",
503 info, st);
504 }
505 else if (strcmp (dn,
506 "cn=Backload,cn=Threads,cn=Monitor")
507 == 0)
508 {
509 cldap_submit_gauge ("threads", "threads-backload",
510 info, st);
511 }
512 else if (strcmp (dn,
513 "cn=Read,cn=Waiters,cn=Monitor")
514 == 0)
515 {
516 cldap_submit_derive ("derive", "waiters-read",
517 counter, st);
518 }
519 else if (strcmp (dn,
520 "cn=Write,cn=Waiters,cn=Monitor")
521 == 0)
522 {
523 cldap_submit_derive ("derive", "waiters-write",
524 counter, st);
525 }
527 ldap_value_free_len (counter_list);
528 ldap_value_free_len (opc_list);
529 ldap_value_free_len (opi_list);
530 ldap_value_free_len (info_list);
531 }
533 ldap_memfree (dn);
534 }
536 ldap_msgfree (result);
537 return (0);
538 } /* }}} int cldap_read_host */
540 /* Configuration handling functions {{{
541 *
542 * <Plugin ldap>
543 * <Instance "plugin_instance1">
544 * URL "ldap://localhost"
545 * ...
546 * </Instance>
547 * </Plugin>
548 */
550 static int cldap_config_add (oconfig_item_t *ci) /* {{{ */
551 {
552 cldap_t *st;
553 int status;
555 st = calloc (1, sizeof (*st));
556 if (st == NULL)
557 {
558 ERROR ("openldap plugin: calloc failed.");
559 return (-1);
560 }
562 status = cf_util_get_string (ci, &st->name);
563 if (status != 0)
564 {
565 sfree (st);
566 return (status);
567 }
569 st->starttls = 0;
570 st->timeout = (long) CDTIME_T_TO_TIME_T(plugin_get_interval());
571 st->verifyhost = 1;
572 st->version = LDAP_VERSION3;
574 for (int i = 0; i < ci->children_num; i++)
575 {
576 oconfig_item_t *child = ci->children + i;
578 if (strcasecmp ("BindDN", child->key) == 0)
579 status = cf_util_get_string (child, &st->binddn);
580 else if (strcasecmp ("Password", child->key) == 0)
581 status = cf_util_get_string (child, &st->password);
582 else if (strcasecmp ("CACert", child->key) == 0)
583 status = cf_util_get_string (child, &st->cacert);
584 else if (strcasecmp ("StartTLS", child->key) == 0)
585 status = cf_util_get_boolean (child, &st->starttls);
586 else if (strcasecmp ("Timeout", child->key) == 0)
587 status = cf_util_get_int (child, &st->timeout);
588 else if (strcasecmp ("URL", child->key) == 0)
589 status = cf_util_get_string (child, &st->url);
590 else if (strcasecmp ("VerifyHost", child->key) == 0)
591 status = cf_util_get_boolean (child, &st->verifyhost);
592 else if (strcasecmp ("Version", child->key) == 0)
593 status = cf_util_get_int (child, &st->version);
594 else
595 {
596 WARNING ("openldap plugin: Option `%s' not allowed here.",
597 child->key);
598 status = -1;
599 }
601 if (status != 0)
602 break;
603 }
605 /* Check if struct is complete.. */
606 if ((status == 0) && (st->url == NULL))
607 {
608 ERROR ("openldap plugin: Instance `%s': "
609 "No URL has been configured.",
610 st->name);
611 status = -1;
612 }
614 /* Check if URL is valid */
615 if ((status == 0) && (st->url != NULL))
616 {
617 LDAPURLDesc *ludpp;
619 if (ldap_url_parse (st->url, &ludpp) != 0)
620 {
621 ERROR ("openldap plugin: Instance `%s': "
622 "Invalid URL: `%s'",
623 st->name, st->url);
624 status = -1;
625 }
627 if ((status == 0) && (ludpp->lud_host != NULL))
628 st->host = strdup (ludpp->lud_host);
630 ldap_free_urldesc (ludpp);
631 }
633 if (status == 0)
634 {
635 cldap_t **temp;
637 temp = (cldap_t **) realloc (databases,
638 sizeof (*databases) * (databases_num + 1));
640 if (temp == NULL)
641 {
642 ERROR ("openldap plugin: realloc failed");
643 status = -1;
644 }
645 else
646 {
647 char callback_name[3*DATA_MAX_NAME_LEN] = { 0 };
649 databases = temp;
650 databases[databases_num] = st;
651 databases_num++;
653 ssnprintf (callback_name, sizeof (callback_name),
654 "openldap/%s/%s",
655 (st->host != NULL) ? st->host : hostname_g,
656 (st->name != NULL) ? st->name : "default");
658 status = plugin_register_complex_read (/* group = */ NULL,
659 /* name = */ callback_name,
660 /* callback = */ cldap_read_host,
661 /* interval = */ 0,
662 &(user_data_t) {
663 .data = st,
664 });
665 }
666 }
668 if (status != 0)
669 {
670 cldap_free (st);
671 return (-1);
672 }
674 return (0);
675 } /* }}} int cldap_config_add */
677 static int cldap_config (oconfig_item_t *ci) /* {{{ */
678 {
679 int status = 0;
681 for (int i = 0; i < ci->children_num; i++)
682 {
683 oconfig_item_t *child = ci->children + i;
685 if (strcasecmp ("Instance", child->key) == 0)
686 cldap_config_add (child);
687 else
688 WARNING ("openldap plugin: The configuration option "
689 "\"%s\" is not allowed here. Did you "
690 "forget to add an <Instance /> block "
691 "around the configuration?",
692 child->key);
693 } /* for (ci->children) */
695 return (status);
696 } /* }}} int cldap_config */
698 /* }}} End of configuration handling functions */
700 static int cldap_init (void) /* {{{ */
701 {
702 /* Initialize LDAP library while still single-threaded as recommended in
703 * ldap_initialize(3) */
704 int debug_level;
705 ldap_get_option (NULL, LDAP_OPT_DEBUG_LEVEL, &debug_level);
706 return (0);
707 } /* }}} int cldap_init */
709 static int cldap_shutdown (void) /* {{{ */
710 {
711 for (size_t i = 0; i < databases_num; i++)
712 if (databases[i]->ld != NULL)
713 ldap_unbind_ext_s (databases[i]->ld, NULL, NULL);
714 sfree (databases);
715 databases_num = 0;
717 return (0);
718 } /* }}} int cldap_shutdown */
720 void module_register (void) /* {{{ */
721 {
722 plugin_register_complex_config ("openldap", cldap_config);
723 plugin_register_init ("openldap", cldap_init);
724 plugin_register_shutdown ("openldap", cldap_shutdown);
725 } /* }}} void module_register */
727 #if defined(__APPLE__)
728 #pragma clang diagnostic pop
729 #endif