From 9b5727dd344de799ccda1b882fccfd92a319fc2b Mon Sep 17 00:00:00 2001
From: "Thierry bordaz (tbordaz)" <tbordaz@redhat.com>
Date: Wed, 17 Apr 2013 16:06:32 +0200
Subject: [PATCH] Ticket 205 - snmp counters index strings for multiple
 network interfaces with ip addr and tcp port pairs

Bug Description:

	When a host contains several interfaces, if several DS instances listen on the same port (but
	on different interfaces) the snmp report will only contain one of those instances.

Fix Description:

	The fix is to define a new cn=config attribute (nsslapd-snmp-index) that is a number.
	The value of this attribute will replace the instance port number (nsslapd-port) in the
	snmp report.

https://fedorahosted.org/389/ticket/205

Reviewed by: ?

Platforms tested: Fedora 17

Flag Day: no

Doc impact: yes. A new configuration attribute (in cn=config) needs to be described ("nsslapd-snmp-index").
	nsslapd-snmp-index: It specifies an index (identifier) that would be appened to the RHDS MIB OIDs of the instance.
	If it is defined it will replace in the reported OID the 'port' (nsslapd-port).
	For example:
		instance1 and instance2 have defined nsslapd-snmp-index (greater than 0).
		instance3 did not define nsslapd-snmp-index or nsslapd-snmp-index=0, so its slot number is appened.

		> snmpwalk -v 2c -c redhat localhost RHDS-MIB::dsSimpleAuthBinds
		RHDS-MIB::dsSimpleAuthBinds.<snmp_index_instance1> = Counter64: 16
		RHDS-MIB::dsSimpleAuthBinds.<snmp_index_instance2> = Counter64: 4
		RHDS-MIB::dsSimpleAuthBinds.<port_instance3> = Counter64: 24

	In case of several RHDS instances listening on the same port (on different interfaces), it offers a means to link the reported snmp counters to a given instance.
	This attribute is an optional numeric value greater or equal to 0.
	0 means that the snmp index is not used and the SNMP report will contain the port number.
	Any change of value requires (to be taken into account) restart of both DS and DS snmp sub-agent.
---
 ldap/servers/slapd/libglobs.c   | 40 +++++++++++++++++++++++++++++++++++++++-
 ldap/servers/slapd/proto-slap.h |  1 +
 ldap/servers/slapd/slap.h       |  2 ++
 ldap/servers/snmp/main.c        | 23 +++++++++++++++++------
 4 files changed, 59 insertions(+), 7 deletions(-)

diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 0831cc8..10e0e7c 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -152,6 +152,7 @@ static int config_set_schemareplace ( const char *attrname, char *value,
 #define DEFAULT_OUTBOUND_LDAP_IO_TIMEOUT "300000"
 #define DEFAULT_MAX_FILTER_NEST_LEVEL "40"
 #define DEFAULT_GROUPEVALNESTLEVEL "0"
+#define DEFAULT_SNMP_INDEX "0"
 #define DEFAULT_MAX_SASLIO_SIZE "2097152"
 #define DEFAULT_DISK_THRESHOLD "2097152"
 #define DEFAULT_DISK_GRACE_PERIOD "60"
@@ -198,7 +199,7 @@ static int config_set_schemareplace ( const char *attrname, char *value,
 #define DEFAULT_LDAPI_SEARCH_BASE "dc=example,dc=com"
 #define DEFAULT_LDAPI_AUTO_DN "cn=peercred,cn=external,cn=auth"
 #define ENTRYUSN_IMPORT_INIT "0"
-#define DEFAULT_ALLOWED_TO_DELETE_ATTRS "nsslapd-listenhost nsslapd-securelistenhost nsslapd-defaultnamingcontext"
+#define DEFAULT_ALLOWED_TO_DELETE_ATTRS "nsslapd-listenhost nsslapd-securelistenhost nsslapd-defaultnamingcontext nsslapd-snmp-index"
 #define SALTED_SHA1_SCHEME_NAME "SSHA"
 
 /* CONFIG_ON_OFF */
@@ -734,6 +735,10 @@ static struct config_get_and_set {
 		NULL, 0,
 		(void**)&global_slapdFrontendConfig.listenhost,
 		CONFIG_STRING, NULL, NULL/* NULL value is allowed */},
+        {CONFIG_SNMP_INDEX_ATTRIBUTE, config_set_snmp_index,
+                NULL, 0,
+                (void**) &global_slapdFrontendConfig.snmp_index,
+                CONFIG_INT, NULL, DEFAULT_SNMP_INDEX},
 	{CONFIG_LDAPI_FILENAME_ATTRIBUTE, config_set_ldapi_filename,
 		NULL, 0,
 		(void**)&global_slapdFrontendConfig.ldapi_filename,
@@ -1982,6 +1987,39 @@ config_set_listenhost( const char *attrname, char *value, char *errorbuf, int ap
 }
 
 int
+config_set_snmp_index(const char *attrname, char *value, char *errorbuf, int apply) 
+{
+        int retVal = LDAP_SUCCESS;
+        long snmp_index;
+        long snmp_index_disable;
+        char *endp = NULL;
+
+        slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+        snmp_index_disable = atol(DEFAULT_SNMP_INDEX); /* if snmp index is disabled, use the nsslapd-port instead */;
+        
+        if (config_value_is_null(attrname, value, errorbuf, 0)) {
+                snmp_index = snmp_index_disable;
+        } else {
+                errno = 0;
+                snmp_index = strtol(value, &endp, 10);
+
+                if (*endp != '\0' || errno == ERANGE || snmp_index < snmp_index_disable) {
+                        PR_snprintf(errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value \"%s\", %s must be greater or equal to %d (%d means disabled)", 
+                                attrname, value, CONFIG_SNMP_INDEX_ATTRIBUTE, snmp_index_disable, snmp_index_disable);
+                        retVal = LDAP_OPERATIONS_ERROR;
+                }
+        }
+
+        if (apply) {
+                CFG_LOCK_WRITE(slapdFrontendConfig);
+                slapdFrontendConfig->snmp_index = snmp_index;
+                CFG_UNLOCK_WRITE(slapdFrontendConfig);
+        }
+        return retVal;
+}
+
+int
 config_set_ldapi_filename( const char *attrname, char *value, char *errorbuf, int apply ) {
   int retVal = LDAP_SUCCESS;
   slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 05d2212..ea6fb6c 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -273,6 +273,7 @@ int config_set_localhost( const char *attrname, char *value, char *errorbuf, int
 int config_set_listenhost( const char *attrname, char *value, char *errorbuf, int apply );
 int config_set_securelistenhost( const char *attrname, char *value, char *errorbuf, int apply );
 int config_set_ldapi_filename( const char *attrname, char *value, char *errorbuf, int apply );
+int config_set_snmp_index( const char *attrname, char *value, char *errorbuf, int apply );
 int config_set_ldapi_switch( const char *attrname, char *value, char *errorbuf, int apply );
 int config_set_ldapi_bind_switch( const char *attrname, char *value, char *errorbuf, int apply );
 int config_set_ldapi_root_dn( const char *attrname, char *value, char *errorbuf, int apply );
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index c72d193..224706c 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -1967,6 +1967,7 @@ typedef struct _slapdEntryPoints {
 #define CONFIG_PORT_ATTRIBUTE "nsslapd-port"
 #define CONFIG_WORKINGDIR_ATTRIBUTE "nsslapd-workingdir"
 #define CONFIG_LISTENHOST_ATTRIBUTE "nsslapd-listenhost"
+#define CONFIG_SNMP_INDEX_ATTRIBUTE "nsslapd-snmp-index"
 #define CONFIG_LDAPI_FILENAME_ATTRIBUTE "nsslapd-ldapifilepath"
 #define CONFIG_LDAPI_SWITCH_ATTRIBUTE "nsslapd-ldapilisten"
 #define CONFIG_LDAPI_BIND_SWITCH_ATTRIBUTE "nsslapd-ldapiautobind"
@@ -2164,6 +2165,7 @@ typedef struct _slapdFrontendConfig {
   char *encryptionalias;
   char *errorlog;
   char *listenhost;
+  int snmp_index;
 #ifndef _WIN32
   char *localuser;
 #endif /* _WIN32 */
diff --git a/ldap/servers/snmp/main.c b/ldap/servers/snmp/main.c
index 53af972..c5d9371 100644
--- a/ldap/servers/snmp/main.c
+++ b/ldap/servers/snmp/main.c
@@ -329,6 +329,8 @@ load_config(char *conf_path)
         } else if ((p = strstr(line, "server")) != NULL) {
             int got_port = 0;
             int got_rundir = 0;
+            int got_snmp_index = 0;
+            long snmp_index = 0;
             int lineno = 0;
             char *entry = NULL;
             char *instancename = NULL;
@@ -423,10 +425,15 @@ load_config(char *conf_path)
                 if ((strcmp(attr, "dn") == 0) &&
                     (strcmp(val, "cn=config") == 0)) {
                     char *dse_line = NULL;
+                    
+                    
                     /* Look for port and rundir attributes */
                     while ((dse_line = ldif_getline(&entryp)) != NULL) {
                         ldif_parse_line(dse_line, &attr, &val, &vlen);
-                        if (strcmp(attr, "nsslapd-port") == 0) {
+                        if (strcmp(attr, "nsslapd-snmp-index") == 0) {
+                            snmp_index = atol(val);
+                            got_snmp_index = 1;
+                        } else if (strcmp(attr, "nsslapd-port") == 0) {
                             serv_p->port = atol(val);
                             got_port = 1;
                         } else if (strcmp(attr, "nsslapd-rundir") == 0) {
@@ -447,11 +454,6 @@ load_config(char *conf_path)
                             got_rundir = 1;
                         }
 
-                        /* Stop processing this entry if we found the
-                         *  port and rundir settings */
-                        if (got_port && got_rundir) {
-                            break;
-                        }
                     }
                     /* The port and rundir settings must be in the
                      * cn=config entry, so we can stop reading through
@@ -479,6 +481,15 @@ load_config(char *conf_path)
                 error = 1;
                 goto close_and_exit;
             }
+            
+            /* in case a snmp index is specified, it replace the nsslapd-port
+             * This would allow to give an index to a snmp report, rather than using
+             * the TCP interface port number (because the same port may be listen on multiple interfaces).
+             * For snmp_index values <= 0 (disabled), let's keep the port
+             */
+            if (got_snmp_index && (snmp_index > 0)) {
+                    serv_p->port = snmp_index;
+            }
 
             /* Insert server instance into linked list */
             serv_p->next = server_head;
-- 
1.7.11.7