From a8220ab2d293bb7f4b014b79d16b2fb05090fa93 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Feb 2021 12:45:55 +0100
Subject: Adding upstream version 1.29.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../python.d.plugin/openldap/openldap.chart.py     | 25 ++++++++++++++--------
 1 file changed, 16 insertions(+), 9 deletions(-)

(limited to 'collectors/python.d.plugin/openldap/openldap.chart.py')

diff --git a/collectors/python.d.plugin/openldap/openldap.chart.py b/collectors/python.d.plugin/openldap/openldap.chart.py
index 3266ce400..aba143954 100644
--- a/collectors/python.d.plugin/openldap/openldap.chart.py
+++ b/collectors/python.d.plugin/openldap/openldap.chart.py
@@ -5,18 +5,19 @@
 
 try:
     import ldap
+
     HAS_LDAP = True
 except ImportError:
     HAS_LDAP = False
 
 from bases.FrameworkServices.SimpleService import SimpleService
 
-
 DEFAULT_SERVER = 'localhost'
 DEFAULT_PORT = '389'
 DEFAULT_TLS = False
 DEFAULT_CERT_CHECK = True
 DEFAULT_TIMEOUT = 1
+DEFAULT_START_TLS = False
 
 ORDER = [
     'total_connections',
@@ -49,7 +50,7 @@ CHARTS = {
         ]
     },
     'referrals_sent': {
-        'options': [None, 'Referrals', 'referals/s', 'ldap', 'openldap.referrals', 'line'],
+        'options': [None, 'Referrals', 'referrals/s', 'ldap', 'openldap.referrals', 'line'],
         'lines': [
             ['referrals_sent', 'sent', 'incremental']
         ]
@@ -110,7 +111,7 @@ SEARCH_LIST = {
     'add_operations': (
         'cn=Add,cn=Operations,cn=Monitor', 'monitorOpInitiated',
     ),
-    'delete_operations':  (
+    'delete_operations': (
         'cn=Delete,cn=Operations,cn=Monitor', 'monitorOpCompleted',
     ),
     'modify_operations': (
@@ -143,6 +144,7 @@ class Service(SimpleService):
         self.timeout = configuration.get('timeout', DEFAULT_TIMEOUT)
         self.use_tls = configuration.get('use_tls', DEFAULT_TLS)
         self.cert_check = configuration.get('cert_check', DEFAULT_CERT_CHECK)
+        self.use_start_tls = configuration.get('use_start_tls', DEFAULT_START_TLS)
         self.alive = False
         self.conn = None
 
@@ -159,8 +161,13 @@ class Service(SimpleService):
             else:
                 self.conn = ldap.initialize('ldap://%s:%s' % (self.server, self.port))
             self.conn.set_option(ldap.OPT_NETWORK_TIMEOUT, self.timeout)
-            if self.use_tls and not self.cert_check:
+            if (self.use_tls or self.use_start_tls) and not self.cert_check:
                 self.conn.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
+            if self.use_start_tls or self.use_tls:
+                self.conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
+            if self.use_start_tls:
+                self.conn.protocol_version = ldap.VERSION3
+                self.conn.start_tls_s()
             if self.username and self.password:
                 self.conn.simple_bind(self.username, self.password)
         except ldap.LDAPError as error:
@@ -193,17 +200,17 @@ class Service(SimpleService):
                 num = self.conn.search(dn, ldap.SCOPE_BASE, 'objectClass=*', [attr, ])
                 result_type, result_data = self.conn.result(num, 1)
             except ldap.LDAPError as error:
-                self.error("Empty result. Check bind username/password. Message: ",error)
+                self.error("Empty result. Check bind username/password. Message: ", error)
                 self.alive = False
                 return None
 
+            if result_type != 101:
+                continue
+
             try:
-                if result_type == 101:
-                    val = int(result_data[0][1].values()[0][0])
+                data[key] = int(list(result_data[0][1].values())[0][0])
             except (ValueError, IndexError) as error:
                 self.debug(error)
                 continue
 
-            data[key] = val
-
         return data
-- 
cgit v1.2.3