MEDIUM: checks: Implement LDAP check using tcp-check rules
A shared tcp-check ruleset is now created to support LDAP check. This way no
extra memory is used if several backends use a LDAP check.
The following sequance is used :
tcp-check send-binary "300C020101600702010304008000"
tcp-check expect rbinary "^30" min-recv 14 \
on-error "Not LDAPv3 protocol"
tcp-check expect custom
The last expect rule relies on a custom function to check the LDAP server reply.
diff --git a/include/common/defaults.h b/include/common/defaults.h
index b63870e..0653a53 100644
--- a/include/common/defaults.h
+++ b/include/common/defaults.h
@@ -177,7 +177,6 @@
#define DEF_AGENT_RISETIME 1
#define DEF_CHECK_REQ "OPTIONS / HTTP/1.0\r\n"
#define DEF_CHECK_PATH ""
-#define DEF_LDAP_CHECK_REQ "\x30\x0c\x02\x01\x01\x60\x07\x02\x01\x03\x04\x00\x80\x00"
#define DEF_HANA_ONERR HANA_ONERR_FAILCHK
diff --git a/include/proto/checks.h b/include/proto/checks.h
index 322f9dd..ff43238 100644
--- a/include/proto/checks.h
+++ b/include/proto/checks.h
@@ -79,6 +79,8 @@
const char *file, int line);
int proxy_parse_mysql_check_opt(char **args, int cur_arg, struct proxy *curpx, struct proxy *defpx,
const char *file, int line);
+int proxy_parse_ldap_check_opt(char **args, int cur_arg, struct proxy *curpx, struct proxy *defpx,
+ const char *file, int line);
#endif /* _PROTO_CHECKS_H */
diff --git a/include/types/checks.h b/include/types/checks.h
index 5b3fda4..a5676c1 100644
--- a/include/types/checks.h
+++ b/include/types/checks.h
@@ -316,6 +316,7 @@
#define TCPCHK_RULES_REDIS_CHK 0x00000020
#define TCPCHK_RULES_SMTP_CHK 0x00000030
#define TCPCHK_RULES_MYSQL_CHK 0x00000050
+#define TCPCHK_RULES_LDAP_CHK 0x00000060
#define TCPCHK_RULES_SSL3_CHK 0x00000070
/* A list of tcp-check vars, to be registered before executing a ruleset */
diff --git a/include/types/proxy.h b/include/types/proxy.h
index 6e84037..bf2a798 100644
--- a/include/types/proxy.h
+++ b/include/types/proxy.h
@@ -171,9 +171,7 @@
#define PR_O2_CHK_NONE 0x00000000 /* no L7 health checks configured (TCP by default) */
/* unused: 0x10000000..0x30000000 */
#define PR_O2_HTTP_CHK 0x40000000 /* use HTTP 'OPTIONS' method to check server health */
-/* unused 0x50000000 */
-#define PR_O2_LDAP_CHK 0x60000000 /* use LDAP check for server health */
-/* unused: 0x70000000 */
+/* unused 0x50000000..0x70000000 */
#define PR_O2_LB_AGENT_CHK 0x80000000 /* use a TCP connection to obtain a metric of server health */
#define PR_O2_TCPCHK_CHK 0x90000000 /* use TCPCHK check for server health */
#define PR_O2_EXT_CHK 0xA0000000 /* use external command for server health */