Adding upstream version 1.29.0.upstream/1.29.0

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2021-02-07 11:45:55 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2021-02-07 11:45:55 +0000
commit: a8220ab2d293bb7f4b014b79d16b2fb05090fa93 (patch)
tree: 77f0a30f016c0925cf7ee9292e644bba183c2774 /collectors/python.d.plugin/openldap
parent: Adding upstream version 1.19.0. (diff)
download: netdata-a8220ab2d293bb7f4b014b79d16b2fb05090fa93.tar.xz
netdata-a8220ab2d293bb7f4b014b79d16b2fb05090fa93.zip
3 files changed, 41 insertions, 19 deletions
diff --git a/collectors/python.d.plugin/openldap/README.md b/collectors/python.d.plugin/openldap/README.md
index f1f9de581..4942d0f39 100644
--- a/collectors/python.d.plugin/openldap/README.md
+++ b/collectors/python.d.plugin/openldap/README.md
@@ -1,6 +1,12 @@
-# openldap
+<!--
+title: "OpenLDAP monitoring with Netdata"
+custom_edit_url: https://github.com/netdata/netdata/edit/master/collectors/python.d.plugin/openldap/README.md
+sidebar_label: "OpenLDAP"
+-->
 
-This module provides statistics information from openldap (slapd) server.
+# OpenLDAP monitoring with Netdata
+
+Provides statistics information from openldap (slapd) server.
 Statistics are taken from LDAP monitoring interface. Manual page, slapd-monitor(5) is available.
 
 **Requirement:**
@@ -47,7 +53,15 @@ Statistics are taken from LDAP monitoring interface. Manual page, slapd-monitor(
     -   read
     -   write
 
-### configuration
+## Configuration
+
+Edit the `python.d/openldap.conf` configuration file using `edit-config` from the Netdata [config
+directory](/docs/configure/nodes.md), which is typically at `/etc/netdata`.
+
+```bash
+cd /etc/netdata   # Replace this path with your Netdata config directory, if different
+sudo ./edit-config python.d/openldap.conf
+```
 
 Sample:
 
diff --git a/collectors/python.d.plugin/openldap/openldap.chart.py b/collectors/python.d.plugin/openldap/openldap.chart.py
index 3266ce400..aba143954 100644
--- a/collectors/python.d.plugin/openldap/openldap.chart.py
+++ b/collectors/python.d.plugin/openldap/openldap.chart.py
@@ -5,18 +5,19 @@
 
 try:
     import ldap
+
     HAS_LDAP = True
 except ImportError:
     HAS_LDAP = False
 
 from bases.FrameworkServices.SimpleService import SimpleService
 
-
 DEFAULT_SERVER = 'localhost'
 DEFAULT_PORT = '389'
 DEFAULT_TLS = False
 DEFAULT_CERT_CHECK = True
 DEFAULT_TIMEOUT = 1
+DEFAULT_START_TLS = False
 
 ORDER = [
     'total_connections',
@@ -49,7 +50,7 @@ CHARTS = {
         ]
     },
     'referrals_sent': {
-        'options': [None, 'Referrals', 'referals/s', 'ldap', 'openldap.referrals', 'line'],
+        'options': [None, 'Referrals', 'referrals/s', 'ldap', 'openldap.referrals', 'line'],
         'lines': [
             ['referrals_sent', 'sent', 'incremental']
         ]
@@ -110,7 +111,7 @@ SEARCH_LIST = {
     'add_operations': (
         'cn=Add,cn=Operations,cn=Monitor', 'monitorOpInitiated',
     ),
-    'delete_operations':  (
+    'delete_operations': (
         'cn=Delete,cn=Operations,cn=Monitor', 'monitorOpCompleted',
     ),
     'modify_operations': (
@@ -143,6 +144,7 @@ class Service(SimpleService):
         self.timeout = configuration.get('timeout', DEFAULT_TIMEOUT)
         self.use_tls = configuration.get('use_tls', DEFAULT_TLS)
         self.cert_check = configuration.get('cert_check', DEFAULT_CERT_CHECK)
+        self.use_start_tls = configuration.get('use_start_tls', DEFAULT_START_TLS)
         self.alive = False
         self.conn = None
 
@@ -159,8 +161,13 @@ class Service(SimpleService):
             else:
                 self.conn = ldap.initialize('ldap://%s:%s' % (self.server, self.port))
             self.conn.set_option(ldap.OPT_NETWORK_TIMEOUT, self.timeout)
-            if self.use_tls and not self.cert_check:
+            if (self.use_tls or self.use_start_tls) and not self.cert_check:
                 self.conn.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
+            if self.use_start_tls or self.use_tls:
+                self.conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
+            if self.use_start_tls:
+                self.conn.protocol_version = ldap.VERSION3
+                self.conn.start_tls_s()
             if self.username and self.password:
                 self.conn.simple_bind(self.username, self.password)
         except ldap.LDAPError as error:
@@ -193,17 +200,17 @@ class Service(SimpleService):
                 num = self.conn.search(dn, ldap.SCOPE_BASE, 'objectClass=*', [attr, ])
                 result_type, result_data = self.conn.result(num, 1)
             except ldap.LDAPError as error:
-                self.error("Empty result. Check bind username/password. Message: ",error)
+                self.error("Empty result. Check bind username/password. Message: ", error)
                 self.alive = False
                 return None
 
+            if result_type != 101:
+                continue
+
             try:
-                if result_type == 101:
-                    val = int(result_data[0][1].values()[0][0])
+                data[key] = int(list(result_data[0][1].values())[0][0])
             except (ValueError, IndexError) as error:
                 self.debug(error)
                 continue
 
-            data[key] = val
-
         return data
diff --git a/collectors/python.d.plugin/openldap/openldap.conf b/collectors/python.d.plugin/openldap/openldap.conf
index 73e8636ed..5fd99a525 100644
--- a/collectors/python.d.plugin/openldap/openldap.conf
+++ b/collectors/python.d.plugin/openldap/openldap.conf
@@ -65,10 +65,11 @@ update_every: 10
 
 # Set here your LDAP connection settings
 
-#username : "cn=admin,dc=example,dc=com"   # The bind user with right to access monitor statistics
-#password : "yourpass"                     # The password for the binded user
-#server   : 'localhost'                    # The listening address of the LDAP server. In case of TLS, use the hostname which the certificate is published for.
-#port     : 389                            # The listening port of the LDAP server. Change to 636 port in case of TLS connection
-#use_tls  : False                          # Make True if a TLS connection is used
-#cert_check : True                         # False if you want to ignore certificate check
-#timeout  : 1                              # Seconds to timeout if no connection exi
+#username     : "cn=admin,dc=example,dc=com"   # The bind user with right to access monitor statistics
+#password     : "yourpass"                     # The password for the binded user
+#server       : 'localhost'                    # The listening address of the LDAP server. In case of TLS, use the hostname which the certificate is published for.
+#port         : 389                            # The listening port of the LDAP server. Change to 636 port in case of TLS connection
+#use_tls      : False                          # Make True if a TLS connection is used over ldaps://
+#use_start_tls: False                          # Make True if a TLS connection is used over ldap://
+#cert_check   : True                           # False if you want to ignore certificate check
+#timeout      : 1                              # Seconds to timeout if no connection exi
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2021-02-07 11:45:55 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2021-02-07 11:45:55 +0000
commit	a8220ab2d293bb7f4b014b79d16b2fb05090fa93 (patch)
tree	77f0a30f016c0925cf7ee9292e644bba183c2774 /collectors/python.d.plugin/openldap
parent	Adding upstream version 1.19.0. (diff)
download	netdata-a8220ab2d293bb7f4b014b79d16b2fb05090fa93.tar.xz netdata-a8220ab2d293bb7f4b014b79d16b2fb05090fa93.zip