From 9bdfb21eeedc9583ec232ac89c9beef52a2f3e0a Mon Sep 17 00:00:00 2001
From: LINKIWI <LINKIWI@users.noreply.github.com>
Date: Tue, 22 Feb 2022 10:53:11 -0800
Subject: [PATCH] feat(inputs/memcached): Support client TLS origination to
 memcached (#10642)

---
 plugins/inputs/memcached/README.md    |  8 ++++++
 plugins/inputs/memcached/memcached.go | 36 ++++++++++++++++++++++++---
 2 files changed, 40 insertions(+), 4 deletions(-)

diff --git a/plugins/inputs/memcached/README.md b/plugins/inputs/memcached/README.md
index 2ade3a43e..a551a1dc3 100644
--- a/plugins/inputs/memcached/README.md
+++ b/plugins/inputs/memcached/README.md
@@ -12,6 +12,14 @@ This plugin gathers statistics data from a Memcached server.
   servers = ["localhost:11211"]
   # An array of unix memcached sockets to gather stats about.
   # unix_sockets = ["/var/run/memcached.sock"]
+
+  ## Optional TLS Config
+  # enable_tls = true
+  # tls_ca = "/etc/telegraf/ca.pem"
+  # tls_cert = "/etc/telegraf/cert.pem"
+  # tls_key = "/etc/telegraf/key.pem"
+  ## If false, skip chain & host verification
+  # insecure_skip_verify = true
 ```
 
 ## Measurements & Fields
diff --git a/plugins/inputs/memcached/memcached.go b/plugins/inputs/memcached/memcached.go
index c3cb16749..f71669a95 100644
--- a/plugins/inputs/memcached/memcached.go
+++ b/plugins/inputs/memcached/memcached.go
@@ -3,19 +3,24 @@ package memcached
 import (
 	"bufio"
 	"bytes"
+	"crypto/tls"
 	"fmt"
 	"net"
 	"strconv"
 	"time"
 
 	"github.com/influxdata/telegraf"
+	tlsint "github.com/influxdata/telegraf/plugins/common/tls"
 	"github.com/influxdata/telegraf/plugins/inputs"
+	"golang.org/x/net/proxy"
 )
 
 // Memcached is a memcached plugin
 type Memcached struct {
-	Servers     []string
-	UnixSockets []string
+	Servers     []string `toml:"servers"`
+	UnixSockets []string `toml:"unix_sockets"`
+	EnableTLS   bool     `toml:"enable_tls"`
+	tlsint.ClientConfig
 }
 
 var sampleConfig = `
@@ -23,6 +28,14 @@ var sampleConfig = `
   ## with optional port. ie localhost, 10.0.0.1:11211, etc.
   servers = ["localhost:11211"]
   # unix_sockets = ["/var/run/memcached.sock"]
+
+  ## Optional TLS Config
+  # enable_tls = true
+  # tls_ca = "/etc/telegraf/ca.pem"
+  # tls_cert = "/etc/telegraf/cert.pem"
+  # tls_key = "/etc/telegraf/key.pem"
+  ## If false, skip chain & host verification
+  # insecure_skip_verify = true
 `
 
 var defaultTimeout = 5 * time.Second
@@ -112,8 +125,23 @@ func (m *Memcached) gatherServer(
 ) error {
 	var conn net.Conn
 	var err error
+	var dialer proxy.Dialer
+
+	dialer = &net.Dialer{Timeout: defaultTimeout}
+	if m.EnableTLS {
+		tlsCfg, err := m.ClientConfig.TLSConfig()
+		if err != nil {
+			return err
+		}
+
+		dialer = &tls.Dialer{
+			NetDialer: dialer.(*net.Dialer),
+			Config:    tlsCfg,
+		}
+	}
+
 	if unix {
-		conn, err = net.DialTimeout("unix", address, defaultTimeout)
+		conn, err = dialer.Dial("unix", address)
 		if err != nil {
 			return err
 		}
@@ -124,7 +152,7 @@ func (m *Memcached) gatherServer(
 			address = address + ":11211"
 		}
 
-		conn, err = net.DialTimeout("tcp", address, defaultTimeout)
+		conn, err = dialer.Dial("tcp", address)
 		if err != nil {
 			return err
 		}