andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 6 months ago
Clone
Blob Blame History Raw
From e78c098543bbf64b03d1f3df98aa26184c435737 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Fri, 19 May 2017 11:18:20 -0400
Subject: [PATCH] Ticket 48681 - logconv.pl - Fix SASL Bind stats and rework
 report format

Description:  We were previously counting ANONYMOUS sasl bind mechanisms
              as anonymous binds.  The report was also changed to make the
              binds stats clearer.

https://pagure.io/389-ds-base/issue/48681

Reviewed by: tbordaz(Thanks!)

(cherry picked from commit f913252541c90ab7f3d62d74818c43ad01ff5c4e)
---
 ldap/admin/src/logconv.pl | 52 ++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 40 insertions(+), 12 deletions(-)

diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
index c30e175..4932db4 100755
--- a/ldap/admin/src/logconv.pl
+++ b/ldap/admin/src/logconv.pl
@@ -1099,23 +1099,23 @@ print "Max BER Size Exceeded:        $maxBerSizeCount\n";
 print "\n";
 print "Binds:                        $bindCount\n";
 print "Unbinds:                      $unbindCount\n";
+print "------------------------------";
+print "-" x length $bindCount;
+print "\n";
 print " - LDAP v2 Binds:             $v2BindCount\n";
 print " - LDAP v3 Binds:             $v3BindCount\n";
-print " - AUTOBINDs:                 $autobindCount\n";
+print " - AUTOBINDs(LDAPI):          $autobindCount\n";
 print " - SSL Client Binds:          $sslClientBindCount\n";
 print " - Failed SSL Client Binds:   $sslClientFailedCount\n";
 print " - SASL Binds:                $saslBindCount\n";
 if ($saslBindCount > 0){
 	my $saslmech = $hashes->{saslmech};
 	foreach my $saslb ( sort {$saslmech->{$b} <=> $saslmech->{$a} } (keys %{$saslmech}) ){
-		printf "    %-4s - %s\n",$saslb, $saslmech->{$saslb};
+		printf "   - %-4s: %s\n",$saslb, $saslmech->{$saslb};
 	}
 }
-
 print " - Directory Manager Binds:   $rootDNBindCount\n";
 print " - Anonymous Binds:           $anonymousBindCount\n";
-my $otherBindCount = $bindCount -($rootDNBindCount + $anonymousBindCount);
-print " - Other Binds:               $otherBindCount\n\n";
 
 ##########################################################################
 #                       Verbose Logging Section                          #
@@ -1195,9 +1195,9 @@ if ($usage =~ /e/i || $verb eq "yes"){
 }
 
 ####################################
-#			   #
+#                                  #
 #     Print Failed Logins          #
-#				   #
+#                                  #
 ####################################
 
 if ($verb eq "yes" || $usage =~ /f/ ){
@@ -2117,7 +2117,7 @@ sub parseLineNormal
 		($connID) = $_ =~ /conn=(\d*)\s/;
 		handleConnClose($connID);
 	}
-	if (m/ BIND/ && $_ =~ /dn=\"(.*)\" method=128/i ){
+	if (m/ BIND / && $_ =~ /dn=\"(.*)\" method=128/i ){
 		my $binddn = $1;
 		if($reportStats){ inc_stats('bind',$s_stats,$m_stats); }
 		$bindCount++;
@@ -2531,21 +2531,49 @@ sub parseLineNormal
 			}
 		}
 	}
-	if (/ BIND / && /method=sasl/i){
+	if (/ BIND / && $_ =~ /dn=\"(.*)\" method=sasl/i){
+		my $binddn = $1;
+		my ($conn, $op);
 		$saslBindCount++;
 		$bindCount++;
 		if ($_ =~ /mech=(.*)/i ){
 			my $mech = $1;
 			$hashes->{saslmech}->{$mech}++;
-			my ($conn, $op);
 			if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){
 				$conn = $1;
 				$op = $2;
 				$hashes->{saslconnop}->{$conn-$op} = $mech;
 			}
 		}
-		if (/ mech=ANONYMOUS/){
-			$anonymousBindCount++;
+		if ($binddn ne ""){
+			if($binddn eq $rootDN){ $rootDNBindCount++; }
+			if($usage =~ /f/ || $usage =~ /u/ || $usage =~ /U/ || $usage =~ /b/ || $verb eq "yes"){
+				$tmpp = $binddn;
+				$tmpp =~ tr/A-Z/a-z/;
+				$hashes->{bindlist}->{$tmpp}++;
+				$hashes->{bind_conn_op}->{"$serverRestartCount,$conn,$op"} = $tmpp;
+			}
+		}
+	}
+	if (/ RESULT err=/ && / tag=97 nentries=0 etime=/ && $_ =~ /dn=\"(.*)\"/i){
+		# Check if this is a sasl bind, if see we need to add the RESULT's dn as a bind dn
+		my $binddn = $1;
+		my ($conn, $op);
+		if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){
+			$conn = $1;
+			$op = $2;
+			if ($hashes->{saslconnop}->{$conn-$op} ne ""){
+				# This was a SASL BIND - record the dn
+				if ($binddn ne ""){
+					if($binddn eq $rootDN){ $rootDNBindCount++; }
+					if($usage =~ /f/ || $usage =~ /u/ || $usage =~ /U/ || $usage =~ /b/ || $verb eq "yes"){
+						$tmpp = $binddn;
+						$tmpp =~ tr/A-Z/a-z/;
+						$hashes->{bindlist}->{$tmpp}++;
+						$hashes->{bind_conn_op}->{"$serverRestartCount,$conn,$op"} = $tmpp;
+					}
+				}
+			}
 		}
 	}
 	if (/ RESULT err=14 tag=97 / && / SASL bind in progress/){
-- 
2.9.4