/* $NetBSD: monitor.c,v 1.1.1.6.6.1 2019/08/10 06:17:18 martin Exp $ */
/* monitor.c - monitor ldap backend */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software .
*
* Copyright 2003-2019 The OpenLDAP Foundation.
* Portions Copyright 1999-2003 Howard Chu.
* Portions Copyright 2000-2003 Pierangelo Masarati.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* .
*/
/* ACKNOWLEDGEMENTS:
* This work was initially developed by the Howard Chu for inclusion
* in OpenLDAP Software and subsequently enhanced by Pierangelo
* Masarati.
*/
#include
__RCSID("$NetBSD: monitor.c,v 1.1.1.6.6.1 2019/08/10 06:17:18 martin Exp $");
#include "portable.h"
#include
#include
#include
#include
#include
#include
#include "lutil.h"
#include "back-ldap.h"
#include "config.h"
static ObjectClass *oc_olmLDAPDatabase;
static ObjectClass *oc_olmLDAPConnection;
static ObjectClass *oc_monitorContainer;
static ObjectClass *oc_monitorCounterObject;
static AttributeDescription *ad_olmDbURIList;
static AttributeDescription *ad_olmDbOperations;
static AttributeDescription *ad_olmDbBoundDN;
static AttributeDescription *ad_olmDbConnFlags;
static AttributeDescription *ad_olmDbConnURI;
static AttributeDescription *ad_olmDbPeerAddress;
/*
* Stolen from back-monitor/operations.c
* We don't need the normalized rdn's though.
*/
struct ldap_back_monitor_ops_t {
struct berval rdn;
} ldap_back_monitor_op[] = {
{ BER_BVC( "cn=Bind" ) },
{ BER_BVC( "cn=Unbind" ) },
{ BER_BVC( "cn=Search" ) },
{ BER_BVC( "cn=Compare" ) },
{ BER_BVC( "cn=Modify" ) },
{ BER_BVC( "cn=Modrdn" ) },
{ BER_BVC( "cn=Add" ) },
{ BER_BVC( "cn=Delete" ) },
{ BER_BVC( "cn=Abandon" ) },
{ BER_BVC( "cn=Extended" ) },
{ BER_BVNULL }
};
/* Corresponds to connection flags in back-ldap.h */
static struct {
unsigned flag;
struct berval name;
} s_flag[] = {
{ LDAP_BACK_FCONN_ISBOUND, BER_BVC( "bound" ) },
{ LDAP_BACK_FCONN_ISANON, BER_BVC( "anonymous" ) },
{ LDAP_BACK_FCONN_ISPRIV, BER_BVC( "privileged" ) },
{ LDAP_BACK_FCONN_ISTLS, BER_BVC( "TLS" ) },
{ LDAP_BACK_FCONN_BINDING, BER_BVC( "binding" ) },
{ LDAP_BACK_FCONN_TAINTED, BER_BVC( "tainted" ) },
{ LDAP_BACK_FCONN_ABANDON, BER_BVC( "abandon" ) },
{ LDAP_BACK_FCONN_ISIDASR, BER_BVC( "idassert" ) },
{ LDAP_BACK_FCONN_CACHED, BER_BVC( "cached" ) },
{ 0 }
};
/*
* NOTE: there's some confusion in monitor OID arc;
* by now, let's consider:
*
* Subsystems monitor attributes 1.3.6.1.4.1.4203.666.1.55.0
* Databases monitor attributes 1.3.6.1.4.1.4203.666.1.55.0.1
* LDAP database monitor attributes 1.3.6.1.4.1.4203.666.1.55.0.1.2
*
* Subsystems monitor objectclasses 1.3.6.1.4.1.4203.666.3.16.0
* Databases monitor objectclasses 1.3.6.1.4.1.4203.666.3.16.0.1
* LDAP database monitor objectclasses 1.3.6.1.4.1.4203.666.3.16.0.1.2
*/
static struct {
char *name;
char *oid;
} s_oid[] = {
{ "olmLDAPAttributes", "olmDatabaseAttributes:2" },
{ "olmLDAPObjectClasses", "olmDatabaseObjectClasses:2" },
{ NULL }
};
static struct {
char *desc;
AttributeDescription **ad;
} s_at[] = {
{ "( olmLDAPAttributes:1 "
"NAME ( 'olmDbURIList' ) "
"DESC 'List of URIs a proxy is serving; can be modified run-time' "
"SUP managedInfo )",
&ad_olmDbURIList },
{ "( olmLDAPAttributes:2 "
"NAME ( 'olmDbOperation' ) "
"DESC 'monitor operations performed' "
"SUP monitorCounter "
"NO-USER-MODIFICATION "
"USAGE dSAOperation )",
&ad_olmDbOperations },
{ "( olmLDAPAttributes:3 "
"NAME ( 'olmDbBoundDN' ) "
"DESC 'monitor connection authorization DN' "
"SUP monitorConnectionAuthzDN "
"NO-USER-MODIFICATION "
"USAGE dSAOperation )",
&ad_olmDbBoundDN },
{ "( olmLDAPAttributes:4 "
"NAME ( 'olmDbConnFlags' ) "
"DESC 'monitor connection flags' "
"SUP monitoredInfo "
"NO-USER-MODIFICATION "
"USAGE dSAOperation )",
&ad_olmDbConnFlags },
{ "( olmLDAPAttributes:5 "
"NAME ( 'olmDbConnURI' ) "
"DESC 'monitor connection URI' "
"SUP monitorConnectionPeerAddress "
"NO-USER-MODIFICATION "
"USAGE dSAOperation )",
&ad_olmDbConnURI },
{ "( olmLDAPAttributes:6 "
"NAME ( 'olmDbConnPeerAddress' ) "
"DESC 'monitor connection peer address' "
"SUP monitorConnectionPeerAddress "
"NO-USER-MODIFICATION "
"USAGE dSAOperation )",
&ad_olmDbPeerAddress },
{ NULL }
};
static struct {
char *name;
ObjectClass **oc;
} s_moc[] = {
{ "monitorContainer", &oc_monitorContainer },
{ "monitorCounterObject", &oc_monitorCounterObject },
{ NULL }
};
static struct {
char *desc;
ObjectClass **oc;
} s_oc[] = {
/* augments an existing object, so it must be AUXILIARY
* FIXME: derive from some ABSTRACT "monitoredEntity"? */
{ "( olmLDAPObjectClasses:1 "
"NAME ( 'olmLDAPDatabase' ) "
"SUP top AUXILIARY "
"MAY ( "
"olmDbURIList "
") )",
&oc_olmLDAPDatabase },
{ "( olmLDAPObjectClasses:2 "
"NAME ( 'olmLDAPConnection' ) "
"SUP monitorConnection STRUCTURAL "
"MAY ( "
"olmDbBoundDN "
"$ olmDbConnFlags "
"$ olmDbConnURI "
"$ olmDbConnPeerAddress "
") )",
&oc_olmLDAPConnection },
{ NULL }
};
static int
ldap_back_monitor_update(
Operation *op,
SlapReply *rs,
Entry *e,
void *priv )
{
ldapinfo_t *li = (ldapinfo_t *)priv;
Attribute *a;
/* update olmDbURIList */
a = attr_find( e->e_attrs, ad_olmDbURIList );
if ( a != NULL ) {
struct berval bv;
assert( a->a_vals != NULL );
assert( !BER_BVISNULL( &a->a_vals[ 0 ] ) );
assert( BER_BVISNULL( &a->a_vals[ 1 ] ) );
ldap_pvt_thread_mutex_lock( &li->li_uri_mutex );
if ( li->li_uri ) {
ber_str2bv( li->li_uri, 0, 0, &bv );
if ( !bvmatch( &a->a_vals[ 0 ], &bv ) ) {
ber_bvreplace( &a->a_vals[ 0 ], &bv );
}
}
ldap_pvt_thread_mutex_unlock( &li->li_uri_mutex );
}
return SLAP_CB_CONTINUE;
}
static int
ldap_back_monitor_modify(
Operation *op,
SlapReply *rs,
Entry *e,
void *priv )
{
ldapinfo_t *li = (ldapinfo_t *) priv;
Attribute *save_attrs = NULL;
Modifications *ml,
*ml_olmDbURIList = NULL;
struct berval ul = BER_BVNULL;
int got = 0;
for ( ml = op->orm_modlist; ml; ml = ml->sml_next ) {
if ( ml->sml_desc == ad_olmDbURIList ) {
if ( ml_olmDbURIList != NULL ) {
rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
rs->sr_text = "conflicting modifications";
goto done;
}
if ( ml->sml_op != LDAP_MOD_REPLACE ) {
rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
rs->sr_text = "modification not allowed";
goto done;
}
ml_olmDbURIList = ml;
got++;
continue;
}
}
if ( got == 0 ) {
return SLAP_CB_CONTINUE;
}
save_attrs = attrs_dup( e->e_attrs );
if ( ml_olmDbURIList != NULL ) {
Attribute *a = NULL;
LDAPURLDesc *ludlist = NULL;
int rc;
ml = ml_olmDbURIList;
assert( ml->sml_nvalues != NULL );
if ( BER_BVISNULL( &ml->sml_nvalues[ 0 ] ) ) {
rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
rs->sr_text = "no value provided";
goto done;
}
if ( !BER_BVISNULL( &ml->sml_nvalues[ 1 ] ) ) {
rs->sr_err = LDAP_CONSTRAINT_VIOLATION;
rs->sr_text = "multiple values provided";
goto done;
}
rc = ldap_url_parselist_ext( &ludlist,
ml->sml_nvalues[ 0 ].bv_val, NULL,
LDAP_PVT_URL_PARSE_NOEMPTY_HOST
| LDAP_PVT_URL_PARSE_DEF_PORT );
if ( rc != LDAP_URL_SUCCESS ) {
rs->sr_err = LDAP_INVALID_SYNTAX;
rs->sr_text = "unable to parse URI list";
goto done;
}
ul.bv_val = ldap_url_list2urls( ludlist );
ldap_free_urllist( ludlist );
if ( ul.bv_val == NULL ) {
rs->sr_err = LDAP_OTHER;
goto done;
}
ul.bv_len = strlen( ul.bv_val );
a = attr_find( e->e_attrs, ad_olmDbURIList );
if ( a != NULL ) {
if ( a->a_nvals == a->a_vals ) {
a->a_nvals = ch_calloc( sizeof( struct berval ), 2 );
}
ber_bvreplace( &a->a_vals[ 0 ], &ul );
ber_bvreplace( &a->a_nvals[ 0 ], &ul );
} else {
attr_merge_normalize_one( e, ad_olmDbURIList, &ul, NULL );
}
}
/* apply changes */
if ( !BER_BVISNULL( &ul ) ) {
ldap_pvt_thread_mutex_lock( &li->li_uri_mutex );
if ( li->li_uri ) {
ch_free( li->li_uri );
}
li->li_uri = ul.bv_val;
ldap_pvt_thread_mutex_unlock( &li->li_uri_mutex );
BER_BVZERO( &ul );
}
done:;
if ( !BER_BVISNULL( &ul ) ) {
ldap_memfree( ul.bv_val );
}
if ( rs->sr_err == LDAP_SUCCESS ) {
attrs_free( save_attrs );
return SLAP_CB_CONTINUE;
}
attrs_free( e->e_attrs );
e->e_attrs = save_attrs;
return rs->sr_err;
}
static int
ldap_back_monitor_free(
Entry *e,
void **priv )
{
ldapinfo_t *li = (ldapinfo_t *)(*priv);
*priv = NULL;
if ( !slapd_shutdown ) {
memset( &li->li_monitor_info, 0, sizeof( li->li_monitor_info ) );
}
return SLAP_CB_CONTINUE;
}
static int
ldap_back_monitor_subsystem_destroy(
BackendDB *be,
monitor_subsys_t *ms)
{
free(ms->mss_dn.bv_val);
BER_BVZERO(&ms->mss_dn);
free(ms->mss_ndn.bv_val);
BER_BVZERO(&ms->mss_ndn);
return LDAP_SUCCESS;
}
/*
* Connection monitoring subsystem:
* Tries to mimick what the cn=connections,cn=monitor subsystem does
* by creating volatile entries for each connection and populating them
* according to the information attached to the connection.
* At this moment the only exposed information is the DN used to bind it.
* Also note that the connection IDs are not and probably never will be
* stable.
*/
struct ldap_back_monitor_conn_arg {
Operation *op;
monitor_subsys_t *ms;
Entry **ep;
};
/* code stolen from daemon.c */
static int
ldap_back_monitor_conn_peername(
LDAP *ld,
struct berval *bv)
{
Sockbuf *sockbuf;
ber_socket_t socket;
Sockaddr sa;
socklen_t salen = sizeof(sa);
const char *peeraddr = NULL;
/* we assume INET6_ADDRSTRLEN > INET_ADDRSTRLEN */
char addr[INET6_ADDRSTRLEN];
#ifdef LDAP_PF_LOCAL
char peername[MAXPATHLEN + sizeof("PATH=")];
#elif defined(LDAP_PF_INET6)
char peername[sizeof("IP=[ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff]:65535")];
#else /* ! LDAP_PF_LOCAL && ! LDAP_PF_INET6 */
char peername[sizeof("IP=255.255.255.255:65336")];
#endif /* LDAP_PF_LOCAL */
assert( bv != NULL );
ldap_get_option( ld, LDAP_OPT_SOCKBUF, (void **)&sockbuf );
ber_sockbuf_ctrl( sockbuf, LBER_SB_OPT_GET_FD, &socket );
getpeername( socket, (struct sockaddr *)&sa, &salen );
switch ( sa.sa_addr.sa_family ) {
#ifdef LDAP_PF_LOCAL
case AF_LOCAL:
sprintf( peername, "PATH=%s", sa.sa_un_addr.sun_path );
break;
#endif /* LDAP_PF_LOCAL */
#ifdef LDAP_PF_INET6
case AF_INET6:
if ( IN6_IS_ADDR_V4MAPPED(&sa.sa_in6_addr.sin6_addr) ) {
#if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
peeraddr = inet_ntop( AF_INET,
((struct in_addr *)&sa.sa_in6_addr.sin6_addr.s6_addr[12]),
addr, sizeof(addr) );
#else /* ! HAVE_GETADDRINFO || ! HAVE_INET_NTOP */
peeraddr = inet_ntoa( *((struct in_addr *)
&sa.sa_in6_addr.sin6_addr.s6_addr[12]) );
#endif /* ! HAVE_GETADDRINFO || ! HAVE_INET_NTOP */
if ( !peeraddr ) peeraddr = SLAP_STRING_UNKNOWN;
sprintf( peername, "IP=%s:%d", peeraddr,
(unsigned) ntohs( sa.sa_in6_addr.sin6_port ) );
} else {
peeraddr = inet_ntop( AF_INET6,
&sa.sa_in6_addr.sin6_addr,
addr, sizeof addr );
if ( !peeraddr ) peeraddr = SLAP_STRING_UNKNOWN;
sprintf( peername, "IP=[%s]:%d", peeraddr,
(unsigned) ntohs( sa.sa_in6_addr.sin6_port ) );
}
break;
#endif /* LDAP_PF_INET6 */
case AF_INET: {
#if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
peeraddr = inet_ntop( AF_INET, &sa.sa_in_addr.sin_addr,
addr, sizeof(addr) );
#else /* ! HAVE_GETADDRINFO || ! HAVE_INET_NTOP */
peeraddr = inet_ntoa( sa.sa_in_addr.sin_addr );
#endif /* ! HAVE_GETADDRINFO || ! HAVE_INET_NTOP */
if ( !peeraddr ) peeraddr = SLAP_STRING_UNKNOWN;
sprintf( peername, "IP=%s:%d", peeraddr,
(unsigned) ntohs( sa.sa_in_addr.sin_port ) );
} break;
default:
sprintf( peername, SLAP_STRING_UNKNOWN );
}
ber_str2bv( peername, 0, 1, bv );
return LDAP_SUCCESS;
}
static int
ldap_back_monitor_conn_entry(
ldapconn_t *lc,
struct ldap_back_monitor_conn_arg *arg )
{
Entry *e;
monitor_entry_t *mp;
monitor_extra_t *mbe = arg->op->o_bd->bd_info->bi_extra;
char buf[SLAP_TEXT_BUFLEN];
char *ptr;
struct berval bv;
int i;
bv.bv_val = buf;
bv.bv_len = snprintf( bv.bv_val, SLAP_TEXT_BUFLEN,
"cn=Connection %lu", lc->lc_connid );
e = mbe->entry_stub( &arg->ms->mss_dn, &arg->ms->mss_ndn, &bv,
oc_monitorContainer, NULL, NULL );
attr_merge_normalize_one( e, ad_olmDbBoundDN, &lc->lc_bound_ndn, NULL );
for ( i = 0; s_flag[i].flag; i++ )
{
if ( lc->lc_flags & s_flag[i].flag )
{
attr_merge_normalize_one( e, ad_olmDbConnFlags, &s_flag[i].name, NULL );
}
}
ldap_get_option( lc->lc_ld, LDAP_OPT_URI, &bv.bv_val );
ptr = strchr( bv.bv_val, ' ' );
bv.bv_len = ptr ? ptr - bv.bv_val : strlen(bv.bv_val);
attr_merge_normalize_one( e, ad_olmDbConnURI, &bv, NULL );
ch_free( bv.bv_val );
ldap_back_monitor_conn_peername( lc->lc_ld, &bv );
attr_merge_normalize_one( e, ad_olmDbPeerAddress, &bv, NULL );
ch_free( bv.bv_val );
mp = mbe->entrypriv_create();
e->e_private = mp;
mp->mp_info = arg->ms;
mp->mp_flags = MONITOR_F_SUB | MONITOR_F_VOLATILE;
*arg->ep = e;
arg->ep = &mp->mp_next;
return 0;
}
static int
ldap_back_monitor_conn_create(
Operation *op,
SlapReply *rs,
struct berval *ndn,
Entry *e_parent,
Entry **ep )
{
monitor_entry_t *mp_parent;
monitor_subsys_t *ms;
ldapinfo_t *li;
ldapconn_t *lc;
struct ldap_back_monitor_conn_arg *arg;
int conn_type;
assert( e_parent->e_private != NULL );
mp_parent = e_parent->e_private;
ms = (monitor_subsys_t *)mp_parent->mp_info;
li = (ldapinfo_t *)ms->mss_private;
arg = ch_calloc( 1, sizeof(struct ldap_back_monitor_conn_arg) );
arg->op = op;
arg->ep = ep;
arg->ms = ms;
for ( conn_type = LDAP_BACK_PCONN_FIRST;
conn_type < LDAP_BACK_PCONN_LAST;
conn_type++ )
{
LDAP_TAILQ_FOREACH( lc,
&li->li_conn_priv[ conn_type ].lic_priv,
lc_q )
{
ldap_back_monitor_conn_entry( lc, arg );
}
}
avl_apply( li->li_conninfo.lai_tree, (AVL_APPLY)ldap_back_monitor_conn_entry,
arg, -1, AVL_INORDER );
ch_free( arg );
return 0;
}
static int
ldap_back_monitor_conn_init(
BackendDB *be,
monitor_subsys_t *ms )
{
ldapinfo_t *li = (ldapinfo_t *) ms->mss_private;
monitor_extra_t *mbe;
Entry *e;
int rc;
assert( be != NULL );
mbe = (monitor_extra_t *) be->bd_info->bi_extra;
ms->mss_dn = ms->mss_ndn = li->li_monitor_info.lmi_ndn;
ms->mss_rdn = li->li_monitor_info.lmi_conn_rdn;
ms->mss_create = ldap_back_monitor_conn_create;
ms->mss_destroy = ldap_back_monitor_subsystem_destroy;
e = mbe->entry_stub( &ms->mss_dn, &ms->mss_ndn,
&ms->mss_rdn, oc_monitorContainer, NULL, NULL );
if ( e == NULL ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_conn_init: "
"unable to create entry \"%s,%s\"\n",
li->li_monitor_info.lmi_conn_rdn.bv_val,
ms->mss_ndn.bv_val, 0 );
return( -1 );
}
ber_dupbv( &ms->mss_dn, &e->e_name );
ber_dupbv( &ms->mss_ndn, &e->e_nname );
rc = mbe->register_entry( e, NULL, ms, MONITOR_F_VOLATILE_CH );
/* add labeledURI and special, modifiable URI value */
if ( rc == LDAP_SUCCESS && li->li_uri != NULL ) {
struct berval bv;
Attribute *a;
LDAPURLDesc *ludlist = NULL;
monitor_callback_t *cb = NULL;
a = attr_alloc( ad_olmDbURIList );
ber_str2bv( li->li_uri, 0, 0, &bv );
attr_valadd( a, &bv, NULL, 1 );
attr_normalize( a->a_desc, a->a_vals, &a->a_nvals, NULL );
rc = ldap_url_parselist_ext( &ludlist,
li->li_uri, NULL,
LDAP_PVT_URL_PARSE_NOEMPTY_HOST
| LDAP_PVT_URL_PARSE_DEF_PORT );
if ( rc != LDAP_URL_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_db_open: "
"unable to parse URI list (ignored)\n",
0, 0, 0 );
} else {
Attribute *a2 = attr_alloc( slap_schema.si_ad_labeledURI );
a->a_next = a2;
for ( ; ludlist != NULL; ) {
LDAPURLDesc *next = ludlist->lud_next;
bv.bv_val = ldap_url_desc2str( ludlist );
assert( bv.bv_val != NULL );
ldap_free_urldesc( ludlist );
bv.bv_len = strlen( bv.bv_val );
attr_valadd( a2, &bv, NULL, 1 );
ch_free( bv.bv_val );
ludlist = next;
}
attr_normalize( a2->a_desc, a2->a_vals, &a2->a_nvals, NULL );
}
cb = ch_calloc( sizeof( monitor_callback_t ), 1 );
cb->mc_update = ldap_back_monitor_update;
cb->mc_modify = ldap_back_monitor_modify;
cb->mc_free = ldap_back_monitor_free;
cb->mc_private = (void *)li;
rc = mbe->register_entry_attrs( &ms->mss_ndn, a, cb, NULL, -1, NULL );
attr_free( a->a_next );
attr_free( a );
if ( rc != LDAP_SUCCESS )
{
ch_free( cb );
}
}
entry_free( e );
return rc;
}
/*
* Operation monitoring subsystem:
* Looks a lot like the cn=operations,cn=monitor subsystem except that at this
* moment, only completed operations are counted. Each entry has a separate
* callback with all the needed information linked there in the structure
* below so that the callback need not locate it over and over again.
*/
struct ldap_back_monitor_op_counter {
ldap_pvt_mp_t *data;
ldap_pvt_thread_mutex_t *mutex;
};
static void
ldap_back_monitor_ops_dispose(
void **priv)
{
struct ldap_back_monitor_op_counter *counter = *priv;
ch_free( counter );
counter = NULL;
}
static int
ldap_back_monitor_ops_free(
Entry *e,
void **priv)
{
ldap_back_monitor_ops_dispose( priv );
return LDAP_SUCCESS;
}
static int
ldap_back_monitor_ops_update(
Operation *op,
SlapReply *rs,
Entry *e,
void *priv )
{
struct ldap_back_monitor_op_counter *counter = priv;
Attribute *a;
/*TODO
* what about initiated/completed?
*/
a = attr_find( e->e_attrs, ad_olmDbOperations );
assert( a != NULL );
ldap_pvt_thread_mutex_lock( counter->mutex );
UI2BV( &a->a_vals[ 0 ], *counter->data );
ldap_pvt_thread_mutex_unlock( counter->mutex );
return SLAP_CB_CONTINUE;
}
static int
ldap_back_monitor_ops_init(
BackendDB *be,
monitor_subsys_t *ms )
{
ldapinfo_t *li = (ldapinfo_t *) ms->mss_private;
monitor_extra_t *mbe;
Entry *e, *parent;
int rc;
slap_op_t op;
struct berval value = BER_BVC( "0" );
assert( be != NULL );
mbe = (monitor_extra_t *) be->bd_info->bi_extra;
ms->mss_dn = ms->mss_ndn = li->li_monitor_info.lmi_ndn;
ms->mss_rdn = li->li_monitor_info.lmi_ops_rdn;
ms->mss_destroy = ldap_back_monitor_subsystem_destroy;
parent = mbe->entry_stub( &ms->mss_dn, &ms->mss_ndn,
&ms->mss_rdn, oc_monitorContainer, NULL, NULL );
if ( parent == NULL ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_ops_init: "
"unable to create entry \"%s,%s\"\n",
li->li_monitor_info.lmi_ops_rdn.bv_val,
ms->mss_ndn.bv_val, 0 );
return( -1 );
}
ber_dupbv( &ms->mss_dn, &parent->e_name );
ber_dupbv( &ms->mss_ndn, &parent->e_nname );
rc = mbe->register_entry( parent, NULL, ms, MONITOR_F_PERSISTENT_CH );
if ( rc != LDAP_SUCCESS )
{
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_ops_init: "
"unable to register entry \"%s\" for monitoring\n",
parent->e_name.bv_val, 0, 0 );
goto done;
}
for ( op = 0; op < SLAP_OP_LAST; op++ )
{
monitor_callback_t *cb;
struct ldap_back_monitor_op_counter *counter;
e = mbe->entry_stub( &parent->e_name, &parent->e_nname,
&ldap_back_monitor_op[op].rdn,
oc_monitorCounterObject, NULL, NULL );
if ( e == NULL ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_ops_init: "
"unable to create entry \"%s,%s\"\n",
ldap_back_monitor_op[op].rdn.bv_val,
parent->e_nname.bv_val, 0 );
return( -1 );
}
attr_merge_normalize_one( e, ad_olmDbOperations, &value, NULL );
counter = ch_malloc( sizeof( struct ldap_back_monitor_op_counter ) );
counter->data = &li->li_ops_completed[ op ];
counter->mutex = &li->li_counter_mutex;
/*
* We cannot share a single callback between entries.
*
* monitor_cache_destroy() tries to free all callbacks and it's called
* before mss_destroy() so we have no chance of handling it ourselves
*/
cb = ch_calloc( sizeof( monitor_callback_t ), 1 );
cb->mc_update = ldap_back_monitor_ops_update;
cb->mc_free = ldap_back_monitor_ops_free;
cb->mc_dispose = ldap_back_monitor_ops_dispose;
cb->mc_private = (void *)counter;
rc = mbe->register_entry( e, cb, ms, 0 );
/* TODO: register_entry has stored a duplicate so we might actually reuse it
* instead of recreating it every time... */
entry_free( e );
if ( rc != LDAP_SUCCESS )
{
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_ops_init: "
"unable to register entry \"%s\" for monitoring\n",
e->e_name.bv_val, 0, 0 );
ch_free( cb );
break;
}
}
done:
entry_free( parent );
return rc;
}
/*
* call from within ldap_back_initialize()
*/
static int
ldap_back_monitor_initialize( void )
{
int i, code;
ConfigArgs c;
char *argv[ 3 ];
static int ldap_back_monitor_initialized = 0;
/* set to 0 when successfully initialized; otherwise, remember failure */
static int ldap_back_monitor_initialized_failure = 1;
/* register schema here; if compiled as dynamic object,
* must be loaded __after__ back_monitor.la */
if ( ldap_back_monitor_initialized++ ) {
return ldap_back_monitor_initialized_failure;
}
if ( backend_info( "monitor" ) == NULL ) {
return -1;
}
argv[ 0 ] = "back-ldap monitor";
c.argv = argv;
c.argc = 3;
c.fname = argv[0];
for ( i = 0; s_oid[ i ].name; i++ ) {
argv[ 1 ] = s_oid[ i ].name;
argv[ 2 ] = s_oid[ i ].oid;
if ( parse_oidm( &c, 0, NULL ) != 0 ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_initialize: unable to add "
"objectIdentifier \"%s=%s\"\n",
s_oid[ i ].name, s_oid[ i ].oid, 0 );
return 2;
}
}
for ( i = 0; s_at[ i ].desc != NULL; i++ ) {
code = register_at( s_at[ i ].desc, s_at[ i ].ad, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_initialize: register_at failed for attributeType (%s)\n",
s_at[ i ].desc, 0, 0 );
return 3;
} else {
(*s_at[ i ].ad)->ad_type->sat_flags |= SLAP_AT_HIDE;
}
}
for ( i = 0; s_oc[ i ].desc != NULL; i++ ) {
code = register_oc( s_oc[ i ].desc, s_oc[ i ].oc, 1 );
if ( code != LDAP_SUCCESS ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_initialize: register_oc failed for objectClass (%s)\n",
s_oc[ i ].desc, 0, 0 );
return 4;
} else {
(*s_oc[ i ].oc)->soc_flags |= SLAP_OC_HIDE;
}
}
for ( i = 0; s_moc[ i ].name != NULL; i++ ) {
*s_moc[i].oc = oc_find( s_moc[ i ].name );
if ( ! *s_moc[i].oc ) {
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_initialize: failed to find objectClass (%s)\n",
s_moc[ i ].name, 0, 0 );
return 5;
}
}
return ( ldap_back_monitor_initialized_failure = LDAP_SUCCESS );
}
/*
* call from within ldap_back_db_init()
*/
int
ldap_back_monitor_db_init( BackendDB *be )
{
int rc;
rc = ldap_back_monitor_initialize();
if ( rc != LDAP_SUCCESS ) {
return rc;
}
#if 0 /* uncomment to turn monitoring on by default */
SLAP_DBFLAGS( be ) |= SLAP_DBFLAG_MONITORING;
#endif
return 0;
}
/*
* call from within ldap_back_db_open()
*/
int
ldap_back_monitor_db_open( BackendDB *be )
{
ldapinfo_t *li = (ldapinfo_t *) be->be_private;
monitor_subsys_t *mss = li->li_monitor_info.lmi_mss;
int rc = 0;
BackendInfo *mi;
monitor_extra_t *mbe;
if ( !SLAP_DBMONITORING( be ) ) {
return 0;
}
/* check if monitor is configured and usable */
mi = backend_info( "monitor" );
if ( !mi || !mi->bi_extra ) {
SLAP_DBFLAGS( be ) ^= SLAP_DBFLAG_MONITORING;
return 0;
}
mbe = mi->bi_extra;
/* don't bother if monitor is not configured */
if ( !mbe->is_configured() ) {
static int warning = 0;
if ( warning++ == 0 ) {
Debug( LDAP_DEBUG_ANY, "ldap_back_monitor_db_open: "
"monitoring disabled; "
"configure monitor database to enable\n",
0, 0, 0 );
}
return 0;
}
/* caller (e.g. an overlay based on back-ldap) may want to use
* a different DN and RDNs... */
if ( BER_BVISNULL( &li->li_monitor_info.lmi_ndn ) ) {
rc = mbe->register_database( be, &li->li_monitor_info.lmi_ndn );
if ( rc != 0 ) {
Debug( LDAP_DEBUG_ANY, "ldap_back_monitor_db_open: "
"failed to register the databse with back-monitor\n",
0, 0, 0 );
}
}
if ( BER_BVISNULL( &li->li_monitor_info.lmi_conn_rdn ) ) {
ber_str2bv( "cn=Connections", 0, 1,
&li->li_monitor_info.lmi_conn_rdn );
}
if ( BER_BVISNULL( &li->li_monitor_info.lmi_ops_rdn ) ) {
ber_str2bv( "cn=Operations", 0, 1,
&li->li_monitor_info.lmi_ops_rdn );
}
/* set up the subsystems used to create the operation and
* volatile connection entries */
mss->mss_name = "back-ldap connections";
mss->mss_flags = MONITOR_F_VOLATILE_CH;
mss->mss_open = ldap_back_monitor_conn_init;
mss->mss_private = li;
if ( mbe->register_subsys_late( mss ) )
{
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_db_open: "
"failed to register connection subsystem", 0, 0, 0 );
return -1;
}
mss++;
mss->mss_name = "back-ldap operations";
mss->mss_flags = MONITOR_F_PERSISTENT_CH;
mss->mss_open = ldap_back_monitor_ops_init;
mss->mss_private = li;
if ( mbe->register_subsys_late( mss ) )
{
Debug( LDAP_DEBUG_ANY,
"ldap_back_monitor_db_open: "
"failed to register operation subsystem", 0, 0, 0 );
return -1;
}
return rc;
}
/*
* call from within ldap_back_db_close()
*/
int
ldap_back_monitor_db_close( BackendDB *be )
{
ldapinfo_t *li = (ldapinfo_t *) be->be_private;
if ( li && !BER_BVISNULL( &li->li_monitor_info.lmi_ndn ) ) {
BackendInfo *mi;
monitor_extra_t *mbe;
/* check if monitor is configured and usable */
mi = backend_info( "monitor" );
if ( mi && mi->bi_extra ) {
mbe = mi->bi_extra;
/*TODO
* Unregister all entries our subsystems have created.
* Will only really be necessary when
* SLAPD_CONFIG_DELETE is enabled.
*
* Might need a way to unregister subsystems instead.
*/
}
}
return 0;
}
/*
* call from within ldap_back_db_destroy()
*/
int
ldap_back_monitor_db_destroy( BackendDB *be )
{
ldapinfo_t *li = (ldapinfo_t *) be->be_private;
if ( li ) {
memset( &li->li_monitor_info, 0, sizeof( li->li_monitor_info ) );
}
return 0;
}