diff options
| -rw-r--r-- | plugins/check_ldap.c | 69 |
1 files changed, 60 insertions, 9 deletions
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c index c371be9..1c09dfa 100644 --- a/plugins/check_ldap.c +++ b/plugins/check_ldap.c | |||
| @@ -67,7 +67,10 @@ int ld_protocol = DEFAULT_PROTOCOL; | |||
| 67 | #endif | 67 | #endif |
| 68 | double warn_time = UNDEFINED; | 68 | double warn_time = UNDEFINED; |
| 69 | double crit_time = UNDEFINED; | 69 | double crit_time = UNDEFINED; |
| 70 | thresholds *entries_thresholds = NULL; | ||
| 70 | struct timeval tv; | 71 | struct timeval tv; |
| 72 | char* warn_entries = NULL; | ||
| 73 | char* crit_entries = NULL; | ||
| 71 | int starttls = FALSE; | 74 | int starttls = FALSE; |
| 72 | int ssl_on_connect = FALSE; | 75 | int ssl_on_connect = FALSE; |
| 73 | int verbose = 0; | 76 | int verbose = 0; |
| @@ -94,6 +97,12 @@ main (int argc, char *argv[]) | |||
| 94 | int tls; | 97 | int tls; |
| 95 | int version=3; | 98 | int version=3; |
| 96 | 99 | ||
| 100 | /* for entry counting */ | ||
| 101 | |||
| 102 | LDAPMessage *next_entry; | ||
| 103 | int status_entries = STATE_OK; | ||
| 104 | int num_entries = 0; | ||
| 105 | |||
| 97 | setlocale (LC_ALL, ""); | 106 | setlocale (LC_ALL, ""); |
| 98 | bindtextdomain (PACKAGE, LOCALEDIR); | 107 | bindtextdomain (PACKAGE, LOCALEDIR); |
| 99 | textdomain (PACKAGE); | 108 | textdomain (PACKAGE); |
| @@ -197,12 +206,14 @@ main (int argc, char *argv[]) | |||
| 197 | } | 206 | } |
| 198 | 207 | ||
| 199 | /* do a search of all objectclasses in the base dn */ | 208 | /* do a search of all objectclasses in the base dn */ |
| 200 | if (ldap_search_s (ld, ld_base, LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) | 209 | if (ldap_search_s (ld, ld_base, (crit_entries!=NULL || warn_entries!=NULL) ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) |
| 201 | != LDAP_SUCCESS) { | 210 | != LDAP_SUCCESS) { |
| 202 | if (verbose) | 211 | if (verbose) |
| 203 | ldap_perror(ld, "ldap_search"); | 212 | ldap_perror(ld, "ldap_search"); |
| 204 | printf (_("Could not search/find objectclasses in %s\n"), ld_base); | 213 | printf (_("Could not search/find objectclasses in %s\n"), ld_base); |
| 205 | return STATE_CRITICAL; | 214 | return STATE_CRITICAL; |
| 215 | } else if (crit_entries!=NULL || warn_entries!=NULL) { | ||
| 216 | num_entries = ldap_count_entries(ld, result); | ||
| 206 | } | 217 | } |
| 207 | 218 | ||
| 208 | /* unbind from the ldap server */ | 219 | /* unbind from the ldap server */ |
| @@ -223,14 +234,36 @@ main (int argc, char *argv[]) | |||
| 223 | else | 234 | else |
| 224 | status = STATE_OK; | 235 | status = STATE_OK; |
| 225 | 236 | ||
| 237 | status_entries = get_status(num_entries, entries_thresholds); | ||
| 238 | if (status_entries == STATE_CRITICAL) { | ||
| 239 | status = STATE_CRITICAL; | ||
| 240 | } else if (status!=STATE_CRITICAL) { | ||
| 241 | status = STATE_WARNING; | ||
| 242 | } | ||
| 243 | |||
| 226 | /* print out the result */ | 244 | /* print out the result */ |
| 227 | printf (_("LDAP %s - %.3f seconds response time|%s\n"), | 245 | if (crit_entries!=NULL || warn_entries!=NULL) { |
| 228 | state_text (status), | 246 | printf (_("LDAP %s - found %d entries in %.3f seconds|%s %s\n"), |
| 229 | elapsed_time, | 247 | state_text (status), |
| 230 | fperfdata ("time", elapsed_time, "s", | 248 | num_entries, |
| 231 | (int)warn_time, warn_time, | 249 | elapsed_time, |
| 232 | (int)crit_time, crit_time, | 250 | fperfdata ("time", elapsed_time, "s", |
| 233 | TRUE, 0, FALSE, 0)); | 251 | (int)warn_time, warn_time, |
| 252 | (int)crit_time, crit_time, | ||
| 253 | TRUE, 0, FALSE, 0), | ||
| 254 | sperfdata ("entries", (double)num_entries, "", | ||
| 255 | warn_entries, | ||
| 256 | crit_entries, | ||
| 257 | TRUE, 0.0, FALSE, 0.0)); | ||
| 258 | } else { | ||
| 259 | printf (_("LDAP %s - %.3f seconds response time|%s\n"), | ||
| 260 | state_text (status), | ||
| 261 | elapsed_time, | ||
| 262 | fperfdata ("time", elapsed_time, "s", | ||
| 263 | (int)warn_time, warn_time, | ||
| 264 | (int)crit_time, crit_time, | ||
| 265 | TRUE, 0, FALSE, 0)); | ||
| 266 | } | ||
| 234 | 267 | ||
| 235 | return status; | 268 | return status; |
| 236 | } | 269 | } |
| @@ -263,6 +296,8 @@ process_arguments (int argc, char **argv) | |||
| 263 | {"port", required_argument, 0, 'p'}, | 296 | {"port", required_argument, 0, 'p'}, |
| 264 | {"warn", required_argument, 0, 'w'}, | 297 | {"warn", required_argument, 0, 'w'}, |
| 265 | {"crit", required_argument, 0, 'c'}, | 298 | {"crit", required_argument, 0, 'c'}, |
| 299 | {"warn-entries", required_argument, 0, 'W'}, | ||
| 300 | {"crit-entries", required_argument, 0, 'C'}, | ||
| 266 | {"verbose", no_argument, 0, 'v'}, | 301 | {"verbose", no_argument, 0, 'v'}, |
| 267 | {0, 0, 0, 0} | 302 | {0, 0, 0, 0} |
| 268 | }; | 303 | }; |
| @@ -276,7 +311,7 @@ process_arguments (int argc, char **argv) | |||
| 276 | } | 311 | } |
| 277 | 312 | ||
| 278 | while (1) { | 313 | while (1) { |
| 279 | c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:", longopts, &option); | 314 | c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option); |
| 280 | 315 | ||
| 281 | if (c == -1 || c == EOF) | 316 | if (c == -1 || c == EOF) |
| 282 | break; | 317 | break; |
| @@ -318,6 +353,12 @@ process_arguments (int argc, char **argv) | |||
| 318 | case 'c': | 353 | case 'c': |
| 319 | crit_time = strtod (optarg, NULL); | 354 | crit_time = strtod (optarg, NULL); |
| 320 | break; | 355 | break; |
| 356 | case 'W': | ||
| 357 | warn_entries = optarg; | ||
| 358 | break; | ||
| 359 | case 'C': | ||
| 360 | crit_entries = optarg; | ||
| 361 | break; | ||
| 321 | #ifdef HAVE_LDAP_SET_OPTION | 362 | #ifdef HAVE_LDAP_SET_OPTION |
| 322 | case '2': | 363 | case '2': |
| 323 | ld_protocol = 2; | 364 | ld_protocol = 2; |
| @@ -381,6 +422,10 @@ validate_arguments () | |||
| 381 | if (ld_base==NULL) | 422 | if (ld_base==NULL) |
| 382 | usage4 (_("Please specify the LDAP base\n")); | 423 | usage4 (_("Please specify the LDAP base\n")); |
| 383 | 424 | ||
| 425 | if (crit_entries!=NULL || warn_entries!=NULL) { | ||
| 426 | set_thresholds(&entries_thresholds, | ||
| 427 | warn_entries, crit_entries); | ||
| 428 | } | ||
| 384 | return OK; | 429 | return OK; |
| 385 | } | 430 | } |
| 386 | 431 | ||
| @@ -430,6 +475,11 @@ print_help (void) | |||
| 430 | 475 | ||
| 431 | printf (UT_WARN_CRIT); | 476 | printf (UT_WARN_CRIT); |
| 432 | 477 | ||
| 478 | printf (" %s\n", "-W [--warn-entries]"); | ||
| 479 | printf (" %s\n", _("Number of found entries to result in warning status")); | ||
| 480 | printf (" %s\n", "-W [--crit-entries]"); | ||
| 481 | printf (" %s\n", _("Number of found entries to result in critical status")); | ||
| 482 | |||
| 433 | printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); | 483 | printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); |
| 434 | 484 | ||
| 435 | printf (UT_VERBOSE); | 485 | printf (UT_VERBOSE); |
| @@ -441,6 +491,7 @@ print_help (void) | |||
| 441 | printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called.")); | 491 | printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called.")); |
| 442 | printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags")); | 492 | printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags")); |
| 443 | printf (" %s\n", _("to define the behaviour explicitly instead.")); | 493 | printf (" %s\n", _("to define the behaviour explicitly instead.")); |
| 494 | printf (" %s\n", _("The parameters --warn-entries and --crit-entries are optional.")); | ||
| 444 | 495 | ||
| 445 | printf (UT_SUPPORT); | 496 | printf (UT_SUPPORT); |
| 446 | } | 497 | } |