occtl: print statistics provided by main

Also introduced the --debug option.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

src/ctl.proto

@@ -13,6 +13,20 @@ message status_rep
 	required uint32 stored_tls_sessions = 7;
 	required uint32 banned_ips = 8;
 	required uint32 secmod_client_entries = 9;
+
+	required uint64 session_timeouts = 10;
+	required uint64 session_idle_timeouts = 11;
+	required uint64 session_errors = 12;
+	required uint64 sessions_closed = 13;
+	required uint64 kbytes_in = 14;
+	required uint64 kbytes_out = 15;
+	required uint32 min_mtu = 16;
+	required uint32 max_mtu = 17;
+	required uint32 last_reset = 18;
+	required uint32 avg_auth_time = 19;
+	required uint32 avg_session_mins = 20;
+	required uint32 max_auth_time = 21;
+	required uint32 max_session_mins = 22;
 }
 
 message bool_msg

src/main-ctl-unix.c

@@ -186,6 +186,20 @@ static void method_status(method_ctx *ctx, int cfd, uint8_t * msg,
 	rep.stored_tls_sessions = ctx->s->stats.tlsdb_entries;
 	rep.banned_ips = main_ban_db_elems(ctx->s);
 
+	rep.session_timeouts = ctx->s->stats.session_timeouts;
+	rep.session_idle_timeouts = ctx->s->stats.session_idle_timeouts;
+	rep.session_errors = ctx->s->stats.session_errors;
+	rep.sessions_closed = ctx->s->stats.sessions_closed;
+	rep.kbytes_in = ctx->s->stats.kbytes_in;
+	rep.kbytes_out = ctx->s->stats.kbytes_out;
+	rep.min_mtu = ctx->s->stats.min_mtu;
+	rep.max_mtu = ctx->s->stats.max_mtu;
+	rep.last_reset = ctx->s->stats.last_reset;
+	rep.avg_auth_time = ctx->s->stats.avg_auth_time;
+	rep.avg_session_mins = ctx->s->stats.avg_session_mins;
+	rep.max_auth_time = ctx->s->stats.max_auth_time;
+	rep.max_session_mins = ctx->s->stats.max_session_mins;
+
 	ret = send_msg(ctx->pool, cfd, CTL_CMD_STATUS_REP, &rep,
 		       (pack_size_func) status_rep__get_packed_size,
 		       (pack_func) status_rep__pack);

src/occtl/occtl-args.def

@@ -47,6 +47,12 @@ flag = {
     doc   = "";
 };
 
+flag = {
+    name      = debug;
+    descrip   = "Provide more verbose information in some commands";
+    doc   = "";
+};
+
 
 doc-section = {
   ds-type = 'SYNOPSIS';

src/occtl/occtl.c

@@ -57,6 +57,8 @@ static const commands_st commands[] = {
 	      "Reloads the server configuration", 1, 1),
 	ENTRY("show status", NULL, handle_status_cmd,
 	      "Prints the status of the server", 1, 1),
+	ENTRY("show stats", NULL, handle_stats_cmd,
+	      "Prints statistics of the server operation", 1, 1),
 	ENTRY("show users", NULL, handle_list_users_cmd,
 	      "Prints the connected users", 1, 1),
 	ENTRY("show ip bans", NULL, handle_list_banned_ips_cmd,
@@ -168,6 +170,7 @@ void usage(void)
 	printf("occtl: [OPTIONS...] {COMMAND}\n\n");
 	printf("  -s --socket-file       Specify the server's occtl socket file\n");
 	printf("  -h --help              Show this help\n");
+	printf("     --debug             Enable more verbose information in some commands\n");
 	printf("  -v --version           Show the program's version\n");
 	printf("  -j --json              Use JSON formatting for output\n");
 	printf("\n");
@@ -180,7 +183,7 @@ void version(void)
 {
 	fprintf(stderr,
 		"OpenConnect server control (occtl) version %s\n", VERSION);
-	fprintf(stderr, "Copyright (C) 2014-2016 Red Hat and others.\n");
+	fprintf(stderr, "Copyright (C) 2014-2017 Red Hat and others.\n");
 	fprintf(stderr,
 		"ocserv comes with ABSOLUTELY NO WARRANTY. This is free software,\n");
 	fprintf(stderr,
@@ -555,14 +558,22 @@ int main(int argc, char **argv)
 
 				argv += 1;
 				argc -= 1;
-
 			} else if (argv[1][1] == 'n'
 			    || (argv[1][1] == '-' && argv[1][2] == 'n')) {
 				params.no_pager = 1;
 
 				argv += 1;
 				argc -= 1;
+			} else if (argv[1][1] == '-' && argv[1][2] == 'd') {
+				params.debug = 1;
 
+				argv += 1;
+				argc -= 1;
+
+				if (argc == 1) {
+					params.json = 0;
+					goto interactive;
+				}
 			} else if (argv[1][1] == 'v'
 			    || (argv[1][1] == '-' && argv[1][2] == 'v')) {
 				version();
@@ -572,6 +583,7 @@ int main(int argc, char **argv)
 				file = talloc_strdup(gl_pool, argv[2]);
 
 				if (argc == 3) {
+					params.json = 0;
 					goto interactive;
 				}
 
@@ -598,7 +610,7 @@ int main(int argc, char **argv)
 		if (line == NULL)
 			return 0;
 
-		handle_cmd(conn, line, 0);
+		handle_cmd(conn, line, &params);
 	}
 
 	conn_close(conn);

src/occtl/occtl.h

@@ -21,6 +21,7 @@
 typedef struct cmd_params_st {
 	unsigned json;
 	unsigned no_pager;
+	unsigned debug;
 } cmd_params_st;
 
 FILE* pager_start(cmd_params_st *params);
@@ -77,6 +78,7 @@ void conn_posthandle(CONN_TYPE *ctx);
 typedef int (*cmd_func) (CONN_TYPE * conn, const char *arg, cmd_params_st *params);
 
 int handle_status_cmd(CONN_TYPE * conn, const char *arg, cmd_params_st *params);
+int handle_stats_cmd(CONN_TYPE * conn, const char *arg, cmd_params_st *params);
 int handle_list_users_cmd(CONN_TYPE * conn, const char *arg, cmd_params_st *params);
 int handle_list_iroutes_cmd(CONN_TYPE * conn, const char *arg, cmd_params_st *params);
 int handle_list_banned_ips_cmd(CONN_TYPE * conn, const char *arg, cmd_params_st *params);

src/occtl/unix.c

@@ -219,22 +219,125 @@ int handle_status_cmd(struct unix_ctx *ctx, const char *arg, cmd_params_st *para
 	if (rep == NULL)
 		goto error_status;
 
-
 	print_single_value(stdout, params, "Status", rep->status != 0 ? "online" : "error", 1);
 
-	t = rep->start_time;
-	tm = localtime(&t);
-	print_time_ival7(buf, time(0), t);
-	strftime(str_since, sizeof(str_since), DATE_TIME_FMT, tm);
+	if (rep->status) {
+		print_single_value_int(stdout, params, "Server PID", rep->pid, 1);
+		print_single_value_int(stdout, params, "Sec-mod PID", rep->sec_mod_pid, 0);
+
+		t = rep->start_time;
+		tm = localtime(&t);
+		print_time_ival7(buf, time(0), t);
+		strftime(str_since, sizeof(str_since), DATE_TIME_FMT, tm);
+
+		print_single_value_ex(stdout, params, "Up since", str_since, buf, 1);
+
+		print_single_value_int(stdout, params, "Clients", rep->active_clients, 1);
+		if (params->debug) {
+			print_single_value_int(stdout, params, "Sec-mod client entries", rep->secmod_client_entries, 1);
+			print_single_value_int(stdout, params, "TLS DB entries", rep->stored_tls_sessions, 1);
+		}
+		print_single_value_int(stdout, params, "IPs in ban list", rep->banned_ips, 1);
+	}
+
+	print_end_block(stdout, params, 0);
+
+	status_rep__free_unpacked(rep, &pa);
+
+	ret = 0;
+	goto cleanup;
+
+ error_status:
+	print_single_value(stdout, params, "Status", "offline", 0);
+	print_end_block(stdout, params, 0);
+	ret = 1;
+
+ cleanup:
+ 	free_reply(&raw);
+	return ret;
+}
+
+int handle_stats_cmd(struct unix_ctx *ctx, const char *arg, cmd_params_st *params)
+{
+	int ret;
+	struct cmd_reply_st raw;
+	StatusRep *rep;
+	char str_since[64];
+	char buf[MAX_TMPSTR_SIZE];
+	time_t t;
+	struct tm *tm;
+	PROTOBUF_ALLOCATOR(pa, ctx);
+
+	init_reply(&raw);
+
+	print_start_block(stdout, params);
+	if (NO_JSON(params))
+		printf("Note: the printed statistics are not real-time\n");
+
+	ret = send_cmd(ctx, CTL_CMD_STATUS, NULL, NULL, NULL, &raw);
+	if (ret < 0) {
+		goto error_status;
+	}
+
+	rep = status_rep__unpack(&pa, raw.data_size, raw.data);
+	if (rep == NULL)
+		goto error_status;
+
+	if (rep->status) {
+		print_separator(stdout, params);
+
+		if (NO_JSON(params))
+			printf("Sessions:\n");
+
+		print_single_value_int(stdout, params, "Active sessions", rep->active_clients, 1);
+		print_single_value_int(stdout, params, "Handled (closed) sessions", rep->sessions_closed, 1);
+		print_single_value_int(stdout, params, "Timed out sessions", rep->session_timeouts, 1);
+		print_single_value_int(stdout, params, "Timed out (idle) sessions", rep->session_idle_timeouts, 1);
+		print_single_value_int(stdout, params, "Closed due to error sessions", rep->session_errors, 1);
+
+		print_time_ival7(buf, rep->avg_auth_time, 0);
+		print_single_value(stdout, params, "Average auth time", buf, 1);
+
+		print_time_ival7(buf, rep->max_auth_time, 0);
+		print_single_value(stdout, params, "Max auth time", buf, 1);
+
+		print_time_ival7(buf, rep->avg_session_mins*60, 0);
+		print_single_value(stdout, params, "Average session time", buf, 1);
+
+		print_time_ival7(buf, rep->max_session_mins*60, 0);
+		print_single_value(stdout, params, "Max session time", buf, 1);
+
+		print_separator(stdout, params);
+		if (NO_JSON(params))
+			printf("General:\n");
+
+		t = rep->start_time;
+		tm = localtime(&t);
+		print_time_ival7(buf, time(0), t);
+		strftime(str_since, sizeof(str_since), DATE_TIME_FMT, tm);
+
+		print_single_value_ex(stdout, params, "Up since", str_since, buf, 1);
+		t = rep->last_reset;
+		if (t > 0 && t != rep->start_time) {
+			tm = localtime(&t);
+			print_time_ival7(buf, time(0), t);
+			strftime(str_since, sizeof(str_since), DATE_TIME_FMT, tm);
+
+			print_single_value_ex(stdout, params, "Last stats reset", str_since, buf, 1);
+		}
+
+		print_single_value_int(stdout, params, "IPs in ban list", rep->banned_ips, 1);
+		if (params->debug) {
+			print_single_value_int(stdout, params, "Sec-mod client entries", rep->secmod_client_entries, 1);
+			print_single_value_int(stdout, params, "TLS DB entries", rep->stored_tls_sessions, 1);
+		}
+
+		bytes2human(rep->kbytes_in*1000, buf, sizeof(buf), "");
+		print_single_value(stdout, params, "RX", buf, 1);
+		bytes2human(rep->kbytes_out*1000, buf, sizeof(buf), "");
+		print_single_value(stdout, params, "TX", buf, 1);
+	}
 
-	print_single_value_ex(stdout, params, "Up since", str_since, buf, 1);
-	print_single_value_int(stdout, params, "Clients", rep->active_clients, 1);
-	print_single_value_int(stdout, params, "Sec-mod client entries", rep->secmod_client_entries, 1);
-	print_single_value_int(stdout, params, "IPs in ban list", rep->banned_ips, 1);
-	print_single_value_int(stdout, params, "TLS DB entries", rep->stored_tls_sessions, 1);
-	print_separator(stdout, params);
-	print_single_value_int(stdout, params, "Server PID", rep->pid, 1);
-	print_single_value_int(stdout, params, "Sec-mod PID", rep->sec_mod_pid, 0);
 	print_end_block(stdout, params, 0);
 
 	status_rep__free_unpacked(rep, &pa);