andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone

Blame SOURCES/0040-Ticket-48681-logconv.pl-Fix-SASL-Bind-stats-and-rewo.patch

74ca47
From e78c098543bbf64b03d1f3df98aa26184c435737 Mon Sep 17 00:00:00 2001
74ca47
From: Mark Reynolds <mreynolds@redhat.com>
74ca47
Date: Fri, 19 May 2017 11:18:20 -0400
74ca47
Subject: [PATCH] Ticket 48681 - logconv.pl - Fix SASL Bind stats and rework
74ca47
 report format
74ca47
74ca47
Description:  We were previously counting ANONYMOUS sasl bind mechanisms
74ca47
              as anonymous binds.  The report was also changed to make the
74ca47
              binds stats clearer.
74ca47
74ca47
https://pagure.io/389-ds-base/issue/48681
74ca47
74ca47
Reviewed by: tbordaz(Thanks!)
74ca47
74ca47
(cherry picked from commit f913252541c90ab7f3d62d74818c43ad01ff5c4e)
74ca47
---
74ca47
 ldap/admin/src/logconv.pl | 52 ++++++++++++++++++++++++++++++++++++-----------
74ca47
 1 file changed, 40 insertions(+), 12 deletions(-)
74ca47
74ca47
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
74ca47
index c30e175..4932db4 100755
74ca47
--- a/ldap/admin/src/logconv.pl
74ca47
+++ b/ldap/admin/src/logconv.pl
74ca47
@@ -1099,23 +1099,23 @@ print "Max BER Size Exceeded:        $maxBerSizeCount\n";
74ca47
 print "\n";
74ca47
 print "Binds:                        $bindCount\n";
74ca47
 print "Unbinds:                      $unbindCount\n";
74ca47
+print "------------------------------";
74ca47
+print "-" x length $bindCount;
74ca47
+print "\n";
74ca47
 print " - LDAP v2 Binds:             $v2BindCount\n";
74ca47
 print " - LDAP v3 Binds:             $v3BindCount\n";
74ca47
-print " - AUTOBINDs:                 $autobindCount\n";
74ca47
+print " - AUTOBINDs(LDAPI):          $autobindCount\n";
74ca47
 print " - SSL Client Binds:          $sslClientBindCount\n";
74ca47
 print " - Failed SSL Client Binds:   $sslClientFailedCount\n";
74ca47
 print " - SASL Binds:                $saslBindCount\n";
74ca47
 if ($saslBindCount > 0){
74ca47
 	my $saslmech = $hashes->{saslmech};
74ca47
 	foreach my $saslb ( sort {$saslmech->{$b} <=> $saslmech->{$a} } (keys %{$saslmech}) ){
74ca47
-		printf "    %-4s - %s\n",$saslb, $saslmech->{$saslb};
74ca47
+		printf "   - %-4s: %s\n",$saslb, $saslmech->{$saslb};
74ca47
 	}
74ca47
 }
74ca47
-
74ca47
 print " - Directory Manager Binds:   $rootDNBindCount\n";
74ca47
 print " - Anonymous Binds:           $anonymousBindCount\n";
74ca47
-my $otherBindCount = $bindCount -($rootDNBindCount + $anonymousBindCount);
74ca47
-print " - Other Binds:               $otherBindCount\n\n";
74ca47
 
74ca47
 ##########################################################################
74ca47
 #                       Verbose Logging Section                          #
74ca47
@@ -1195,9 +1195,9 @@ if ($usage =~ /e/i || $verb eq "yes"){
74ca47
 }
74ca47
 
74ca47
 ####################################
74ca47
-#			   #
74ca47
+#                                  #
74ca47
 #     Print Failed Logins          #
74ca47
-#				   #
74ca47
+#                                  #
74ca47
 ####################################
74ca47
 
74ca47
 if ($verb eq "yes" || $usage =~ /f/ ){
74ca47
@@ -2117,7 +2117,7 @@ sub parseLineNormal
74ca47
 		($connID) = $_ =~ /conn=(\d*)\s/;
74ca47
 		handleConnClose($connID);
74ca47
 	}
74ca47
-	if (m/ BIND/ && $_ =~ /dn=\"(.*)\" method=128/i ){
74ca47
+	if (m/ BIND / && $_ =~ /dn=\"(.*)\" method=128/i ){
74ca47
 		my $binddn = $1;
74ca47
 		if($reportStats){ inc_stats('bind',$s_stats,$m_stats); }
74ca47
 		$bindCount++;
74ca47
@@ -2531,21 +2531,49 @@ sub parseLineNormal
74ca47
 			}
74ca47
 		}
74ca47
 	}
74ca47
-	if (/ BIND / && /method=sasl/i){
74ca47
+	if (/ BIND / && $_ =~ /dn=\"(.*)\" method=sasl/i){
74ca47
+		my $binddn = $1;
74ca47
+		my ($conn, $op);
74ca47
 		$saslBindCount++;
74ca47
 		$bindCount++;
74ca47
 		if ($_ =~ /mech=(.*)/i ){
74ca47
 			my $mech = $1;
74ca47
 			$hashes->{saslmech}->{$mech}++;
74ca47
-			my ($conn, $op);
74ca47
 			if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){
74ca47
 				$conn = $1;
74ca47
 				$op = $2;
74ca47
 				$hashes->{saslconnop}->{$conn-$op} = $mech;
74ca47
 			}
74ca47
 		}
74ca47
-		if (/ mech=ANONYMOUS/){
74ca47
-			$anonymousBindCount++;
74ca47
+		if ($binddn ne ""){
74ca47
+			if($binddn eq $rootDN){ $rootDNBindCount++; }
74ca47
+			if($usage =~ /f/ || $usage =~ /u/ || $usage =~ /U/ || $usage =~ /b/ || $verb eq "yes"){
74ca47
+				$tmpp = $binddn;
74ca47
+				$tmpp =~ tr/A-Z/a-z/;
74ca47
+				$hashes->{bindlist}->{$tmpp}++;
74ca47
+				$hashes->{bind_conn_op}->{"$serverRestartCount,$conn,$op"} = $tmpp;
74ca47
+			}
74ca47
+		}
74ca47
+	}
74ca47
+	if (/ RESULT err=/ && / tag=97 nentries=0 etime=/ && $_ =~ /dn=\"(.*)\"/i){
74ca47
+		# Check if this is a sasl bind, if see we need to add the RESULT's dn as a bind dn
74ca47
+		my $binddn = $1;
74ca47
+		my ($conn, $op);
74ca47
+		if ($_ =~ /conn= *([0-9A-Z]+) +op= *([0-9\-]+)/i){
74ca47
+			$conn = $1;
74ca47
+			$op = $2;
74ca47
+			if ($hashes->{saslconnop}->{$conn-$op} ne ""){
74ca47
+				# This was a SASL BIND - record the dn
74ca47
+				if ($binddn ne ""){
74ca47
+					if($binddn eq $rootDN){ $rootDNBindCount++; }
74ca47
+					if($usage =~ /f/ || $usage =~ /u/ || $usage =~ /U/ || $usage =~ /b/ || $verb eq "yes"){
74ca47
+						$tmpp = $binddn;
74ca47
+						$tmpp =~ tr/A-Z/a-z/;
74ca47
+						$hashes->{bindlist}->{$tmpp}++;
74ca47
+						$hashes->{bind_conn_op}->{"$serverRestartCount,$conn,$op"} = $tmpp;
74ca47
+					}
74ca47
+				}
74ca47
+			}
74ca47
 		}
74ca47
 	}
74ca47
 	if (/ RESULT err=14 tag=97 / && / SASL bind in progress/){
74ca47
-- 
74ca47
2.9.4
74ca47