#!/bin/sh
# Inspection item 221: LDAP server status check.
# NOTE(review): the interpreter line says /bin/sh, but this file relies on
# bash-only constructs (source, the function keyword, ==, FUNCNAME).

# Make sure command tracing is off for the whole run.
set +x

G_MML_FILE_PATH="/opt/huawei/snas/script/inspect_mml/"
LOG_FILE="/var/log/inspect.log"

# CheckItems must define GetInspectType, which is called a few lines below.
source "${G_MML_FILE_PATH}/CheckItems"

G_REMOTE_TMP_FILE="/tmp/tmpfile"
CurInspectNum="221"
CurInspectFun=$(GetInspectType "${CurInspectNum}")

# NOTE(review): both scratch prefixes are fixed names under /tmp. If this
# script runs with elevated privileges, a file or symlink pre-created at one
# of these names by another local user decides where the writes land; a
# directory only the inspection account can write to (or mktemp) would avoid
# that, provided whatever reads RESULTFILE is updated as well.
RESULTFILE="/tmp/tmpResult${CurInspectFun}"

# Start every run with an empty result file.
: >"${RESULTFILE}"

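# Append one record to LOG_FILE in the form [date][pid][inspect item]message.
# Globals:   LOG_FILE (appended to), CurInspectFun (read)
# Arguments: the message; several arguments are joined with single spaces
# Returns:   status of the final write
function LOG()
{
    local IFS=' '
    local stamp
    local msg="$*"

    stamp=$(date)

    # Messages may carry captured command output (for example the LDAP probe
    # result), so CR, LF and TAB are folded to spaces: one call always yields
    # exactly one log line and embedded text cannot fake additional records.
    msg=${msg//[$'\r\n\t']/ }

    # Everything is quoted: unquoted, the [..] groups and any '*' in the
    # message would be treated as glob patterns against the current directory.
    printf '%s\n' "[${stamp}][$$][${CurInspectFun}]${msg}" >> "${LOG_FILE}"
}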

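# Probe one LDAP server and append "<address> status ok." or
# "<address> status err." to RESULTFILE.
#
# Steps: ping the address (ping6 when it contains ':'); if it answers and no
# bind DN is configured, run an anonymous base-scope ldapsearch and look for
# the word "Success" in its output. When a bind DN is configured the search
# is skipped, so "ok" then only means the address answered the ping.
#
# Globals:   bindDN (read; set by the caller), RESULTFILE (appended to)
# Arguments: $1 - server address
#            $2 - port; 389 selects ldap://, any other value selects ldaps://
#            $3 - search base DN
# Returns:   always 0; the verdict is only written to RESULTFILE
#
# NOTE(review): on port 389 the probe uses plain ldap:// without StartTLS;
# for ldaps:// the certificate handling is presumably whatever the local
# LDAP client configuration enforces - confirm.
function checkLdapServer
{
    local LdapServerIP=$1
    local Port=$2
    local BaseDn=$3
    local cmd_test=""
    local pingCmd="ping"
    local pingResult=""
    local uriHost=$LdapServerIP
    local uriScheme="ldaps"
    local addrUsable=1
    local verdict="err"

    # The address is parsed out of command output, then handed to ping and
    # placed inside a URI. Values that are empty, start with '-' (they would
    # be read as an option) or contain anything but address/host-name
    # characters are never probed and end up as "status err.".
    case "$LdapServerIP" in
        ''|-*|*[!0-9A-Za-z:.%_-]*)
            addrUsable=0
            ;;
        *:*)
            # A colon marks an IPv6 literal: different ping binary, and the
            # URI needs the address in brackets.
            pingCmd="ping6"
            uriHost="[$LdapServerIP]"
            ;;
    esac

    if [ "$addrUsable" -eq 1 ]; then
        # Keep only the "avg" figure of the round-trip summary line; an empty
        # result means the host did not answer.
        pingResult=$("$pingCmd" -c 2 "$LdapServerIP" \
            | awk -F= '/avg/ {split($2, rtt, "/"); print rtt[2]}')
    fi

    if [ -n "$pingResult" ]; then
        if [ -z "${bindDN}" ]; then
            if [ "$Port" -eq 389 ] 2>/dev/null; then
                uriScheme="ldap"
            fi
            # Output is captured directly instead of going through a file with
            # a predictable name under /tmp.
            cmd_test=$(/usr/bin/ldapsearch -H "${uriScheme}://${uriHost}:${Port}/" \
                -x -b "$BaseDn" "objectClass=*" -s base 2>&1)
        else
            # Bind DN configured: no anonymous search, reachability is enough.
            cmd_test="Success"
        fi
    fi
    LOG "[$LINENO]LdapServerIP:$LdapServerIP, cmd_test:$cmd_test, Port:$Port"

    # Any other ldapsearch outcome (or no output at all) counts as an error.
    case "$cmd_test" in
        *Success*) verdict="ok" ;;
    esac
    echo "$LdapServerIP status ${verdict}." >>"${RESULTFILE}" 2>&1

    return 0
}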

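# Print, for every line of the given text that contains <tag>, the text
# between the first '>' and the following '<'.
# Arguments: $1 - tag name without angle brackets
#            $2 - text to search
function _LdapCfgField()
{
    printf '%s\n' "$2" | grep -a "<$1>" | awk -F">" '{print $2}' | awk -F"<" '{print $1}'
}

# Read the LDAP server configuration from nas_proto_cfg, record it in
# RESULTFILE and run checkLdapServer once per configured server address.
#
# Globals:   RESULTFILE (appended to); filename, iRet, info, ldapserver, dn,
#            portnum, bindDN, ldapServerArray, count, servernum (written).
#            bindDN is read by checkLdapServer.
# Returns:   always 0; failures are reported as [ERR] lines in RESULTFILE
function ShowLdapServer()
{
    local cfgOutput=""

    # Still set because the cleanup at the end of the script builds its path
    # from this name.
    filename="NisServerTmp"

    # The command output can carry the bind password (<ldap_server_bindpw>),
    # so it is kept in a local variable instead of a predictable file in /tmp.
    cfgOutput=$(/usr/local/bin/nas_proto_cfg -c get_ldap_server 2>&1)
    iRet=$?
    if [ $iRet -ne 0 ];then
       LOG "[$LINENO]Get get_ldap_server ret[$iRet]"
       echo "[ERR]Failed to exection cmd(/usr/local/bin/nas_proto_cfg -c get_ldap_server),iRet:[$iRet]."  >>"${RESULTFILE}" 2>&1
       return 0
    fi

    info=""
    errinfo=""
    ldapserver=""
    dn=""
    bindDN=""
    # Left empty on purpose: no check in this script needs the password, so
    # it is not extracted from the command output.
    bindPW=""
    portnum=""
    cmd_test=""
    cmd_test1=""
    count=0

    # No <ldap_server_ip> element means no LDAP server is configured.
    info=$(printf '%s\n' "$cfgOutput" | grep -a '<ldap_server_ip>')
    if [ "$info" == "" ];then
        echo "no ldap_server."  >>"${RESULTFILE}" 2>&1
    else
        LOG "[$LINENO]Get get_ldap_server $info"

        ldapserver=$(_LdapCfgField ldap_server_ip "$cfgOutput")
        dn=$(_LdapCfgField ldap_server_basedn "$cfgOutput")
        portnum=$(_LdapCfgField ldap_server_portnum "$cfgOutput")
        # A non-empty bind DN makes checkLdapServer skip the anonymous search.
        bindDN=$(_LdapCfgField ldap_server_binddn "$cfgOutput")
        # Nothing below needs the raw output any more.
        cfgOutput=""

        echo "LDAP_server_info:ldap_server_ip $ldapserver||LDAP_server_info:ldap_server_basedn:$dn||LDAP_server_info:ldap_server_portnum:$portnum" >>"${RESULTFILE}" 2>&1
        LOG "[$LINENO]LDAP_server_info:ldapserver:$ldapserver||dn:$dn||portnum:$portnum"

        if [ "$ldapserver" == "" ] || [ "$dn" == "" ] || [ "$portnum" == "" ]; then
           echo "[ERR]Get ldap information from output(/usr/local/bin/nas_proto_cfg -c get_ldap_server) failed."  >>"${RESULTFILE}" 2>&1
           return 0
        fi

        # Addresses are separated by commas (or line breaks). Reading them
        # into a real array avoids glob expansion of the values.
        local serverList=${ldapserver//[,$'\n']/ }
        IFS=$' \t\n' read -r -a ldapServerArray <<<"$serverList"

        for LDAP_IP in "${ldapServerArray[@]}"
        do
            # Quoted so that a base DN containing spaces arrives as one argument.
            checkLdapServer "$LDAP_IP" "$portnum" "$dn"
            count=$((count+1))
        done
        servernum=${count}
        LOG "[$LINENO]servernum:$servernum"
    fi
    return 0
}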

# Run the LDAP inspection; results are appended to RESULTFILE.
ShowLdapServer

# Remove the nas_proto_cfg scratch file if one exists at this path.
if test -f "${G_REMOTE_TMP_FILE}${filename}"
then
    rm -f "${G_REMOTE_TMP_FILE}${filename}"
fi
