Blame SOURCES/0040-Ticket-48681-logconv.pl-Fix-SASL-Bind-stats-and-rewo.patch

6f51e1
From e78c098543bbf64b03d1f3df98aa26184c435737 Mon Sep 17 00:00:00 2001
6f51e1
From: Mark Reynolds <mreynolds@redhat.com>
6f51e1
Date: Fri, 19 May 2017 11:18:20 -0400
6f51e1
Subject: [PATCH] Ticket 48681 - logconv.pl - Fix SASL Bind stats and rework
6f51e1
 report format
6f51e1
6f51e1
Description:  We were previously counting ANONYMOUS sasl bind mechanisms
6f51e1
              as anonymous binds.  The report was also changed to make the
6f51e1
              binds stats clearer.
6f51e1
6f51e1
https://pagure.io/389-ds-base/issue/48681
6f51e1
6f51e1
Reviewed by: tbordaz(Thanks!)
6f51e1
6f51e1
(cherry picked from commit f913252541c90ab7f3d62d74818c43ad01ff5c4e)
6f51e1
---
6f51e1
 ldap/admin/src/logconv.pl | 52 ++++++++++++++++++++++++++++++++++++-----------
6f51e1
 1 file changed, 40 insertions(+), 12 deletions(-)
6f51e1
6f51e1
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
6f51e1
index c30e175..4932db4 100755
6f51e1
--- a/ldap/admin/src/logconv.pl
6f51e1
+++ b/ldap/admin/src/logconv.pl
6f51e1
@@ -1099,23 +1099,23 @@ print "Max BER Size Exceeded:        $maxBerSizeCount\n";
6f51e1
 print "\n";
6f51e1
 print "Binds:                        $bindCount\n";
6f51e1
 print "Unbinds:                      $unbindCount\n";
6f51e1
+print "------------------------------";
6f51e1
+print "-" x length $bindCount;
6f51e1
+print "\n";
6f51e1
 print " - LDAP v2 Binds:             $v2BindCount\n";
6f51e1
 print " - LDAP v3 Binds:             $v3BindCount\n";
6f51e1
-print " - AUTOBINDs:                 $autobindCount\n";
6f51e1
+print " - AUTOBINDs(LDAPI):          $autobindCount\n";
6f51e1
 print " - SSL Client Binds:          $sslClientBindCount\n";
6f51e1
 print " - Failed SSL Client Binds:   $sslClientFailedCount\n";
6f51e1
 print " - SASL Binds:                $saslBindCount\n";
6f51e1
 if ($saslBindCount > 0){
6f51e1
 	my $saslmech = $hashes->{saslmech};
6f51e1
 	foreach my $saslb ( sort {$saslmech->{$b} <=> $saslmech->{$a} } (keys %{$saslmech}) ){
6f51e1
-		printf "    %-4s - %s\n",$saslb, $saslmech->{$saslb};
6f51e1
+		printf "   - %-4s: %s\n",$saslb, $saslmech->{$saslb};
6f51e1
 	}
6f51e1
 }
6f51e1
-
6f51e1
 print " - Directory Manager Binds:   $rootDNBindCount\n";
6f51e1
 print " - Anonymous Binds:           $anonymousBindCount\n";
6f51e1
-my $otherBindCount = $bindCount -($rootDNBindCount + $anonymousBindCount);
6f51e1
-print " - Other Binds:               $otherBindCount\n\n";
6f51e1
 
6f51e1
 ##########################################################################
6f51e1
 #                       Verbose Logging Section                          #
6f51e1
@@ -1195,9 +1195,9 @@ if ($usage =~ /e/i || $verb eq "yes"){
6f51e1
 }
6f51e1
 
6f51e1
 ####################################
6f51e1
-#			   #
6f51e1
+#                                  #
6f51e1
 #     Print Failed Logins          #
6f51e1
-#				   #
6f51e1
+#                                  #
6f51e1
 ####################################
6f51e1
 
6f51e1
 if ($verb eq "yes" || $usage =~ /f/ ){
6f51e1
@@ -2117,7 +2117,7 @@ sub parseLineNormal
6f51e1
 		($connID) = $_ =~ /conn=(\d*)\s/;
6f51e1
 		handleConnClose($connID);
6f51e1
 	}
6f51e1
-	if (m/ BIND/ && $_ =~ /dn=\"(.*)\" method=128/i ){
6f51e1
+	if (m/ BIND / && $_ =~ /dn=\"(.*)\" method=128/i ){
6f51e1
 		my $binddn = $1;
6f51e1
 		if($reportStats){ inc_stats('bind',$s_stats,$m_stats); }
6f51e1
 		$bindCount++;
6f51e1
@@ -2531,21 +2531,49 @@ sub parseLineNormal
6f51e1
 			}
6f51e1
 		}
6f51e1
 	}
6f51e1
-	if (/ BIND / && /method=sasl/i){
6f51e1
+	if (/ BIND / && $_ =~ /dn=\"(.*)\" method=sasl/i){
6f51e1
+		my $binddn = $1;
6f51e1
+		my ($conn, $op);
6f51e1
 		$saslBindCount++;
6f51e1
 		$bindCount++;
6f51e1
 		if ($_ =~ /mech=(.*)/i ){
6f51e1
 			my $mech = $1;
6f51e1
 			$hashes->{saslmech}->{$mech}++;
6f51e1
-			my ($conn, $op);
6f51e1
 			if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){
6f51e1
 				$conn = $1;
6f51e1
 				$op = $2;
6f51e1
 				$hashes->{saslconnop}->{$conn-$op} = $mech;
6f51e1
 			}
6f51e1
 		}
6f51e1
-		if (/ mech=ANONYMOUS/){
6f51e1
-			$anonymousBindCount++;
6f51e1
+		if ($binddn ne ""){
6f51e1
+			if($binddn eq $rootDN){ $rootDNBindCount++; }
6f51e1
+			if($usage =~ /f/ || $usage =~ /u/ || $usage =~ /U/ || $usage =~ /b/ || $verb eq "yes"){
6f51e1
+				$tmpp = $binddn;
6f51e1
+				$tmpp =~ tr/A-Z/a-z/;
6f51e1
+				$hashes->{bindlist}->{$tmpp}++;
6f51e1
+				$hashes->{bind_conn_op}->{"$serverRestartCount,$conn,$op"} = $tmpp;
6f51e1
+			}
6f51e1
+		}
6f51e1
+	}
6f51e1
+	if (/ RESULT err=/ && / tag=97 nentries=0 etime=/ && $_ =~ /dn=\"(.*)\"/i){
6f51e1
+		# Check if this is a sasl bind, if see we need to add the RESULT's dn as a bind dn
6f51e1
+		my $binddn = $1;
6f51e1
+		my ($conn, $op);
6f51e1
+		if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){
6f51e1
+			$conn = $1;
6f51e1
+			$op = $2;
6f51e1
+			if ($hashes->{saslconnop}->{$conn-$op} ne ""){
6f51e1
+				# This was a SASL BIND - record the dn
6f51e1
+				if ($binddn ne ""){
6f51e1
+					if($binddn eq $rootDN){ $rootDNBindCount++; }
6f51e1
+					if($usage =~ /f/ || $usage =~ /u/ || $usage =~ /U/ || $usage =~ /b/ || $verb eq "yes"){
6f51e1
+						$tmpp = $binddn;
6f51e1
+						$tmpp =~ tr/A-Z/a-z/;
6f51e1
+						$hashes->{bindlist}->{$tmpp}++;
6f51e1
+						$hashes->{bind_conn_op}->{"$serverRestartCount,$conn,$op"} = $tmpp;
6f51e1
+					}
6f51e1
+				}
6f51e1
+			}
6f51e1
 		}
6f51e1
 	}
6f51e1
 	if (/ RESULT err=14 tag=97 / && / SASL bind in progress/){
6f51e1
-- 
6f51e1
2.9.4
6f51e1