[Freeipa-devel] [PATCH 0053] Use richer set of return codes for LDAP connection error handling code

Adam Tkac atkac at redhat.com
Wed Sep 5 11:33:01 UTC 2012 

On Wed, Aug 15, 2012 at 01:23:45PM +0200, Petr Spacek wrote:
> Hello,
> 
> current code return very generic ISC_R_FAILURE code in nearly all (error) cases.
> 
> This patch distinguishes between different LDAP errors and returns
> richer set of return codes from LDAP connection error handling code.
> 
> It should lead to clearer log messages.
> 
> Petr^2 Spacek

Ack

> From 15d6b38c9eda5b05d799c145ede8341f359e8633 Mon Sep 17 00:00:00 2001
> From: Petr Spacek <pspacek at redhat.com>
> Date: Wed, 15 Aug 2012 13:01:48 +0200
> Subject: [PATCH] Use richer set of return codes for LDAP connection error
>  handling code.
> 
> It should lead to clear log messages.
> 
> Signed-off-by: Petr Spacek <pspacek at redhat.com>
> ---
>  src/ldap_helper.c | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/src/ldap_helper.c b/src/ldap_helper.c
> index 798aeadfef27d7071a1dd4133b7f08a21918ef78..da083d2e65032e650cfbbeb863262e0141403407 100644
> --- a/src/ldap_helper.c
> +++ b/src/ldap_helper.c
> @@ -1971,7 +1971,7 @@ ldap_reconnect(ldap_instance_t *ldap_inst, ldap_connection_t *ldap_conn,
>  		result = isc_time_now(&now);
>  		time_cmp = isc_time_compare(&now, &ldap_conn->next_reconnect);
>  		if (result == ISC_R_SUCCESS && time_cmp < 0)
> -			return ISC_R_FAILURE;
> +			return ISC_R_SOFTQUOTA;
>  	}
>  
>  	/* If either bind_dn or the password is not set, we will use
> @@ -2050,6 +2050,8 @@ force_reconnect:
>  			return ISC_R_NOPERM;
>  		case LDAP_SERVER_DOWN:
>  			return ISC_R_NOTCONNECTED;
> +		case LDAP_TIMEOUT:
> +			return ISC_R_TIMEDOUT;
>  		default:
>  			return ISC_R_FAILURE;
>  		}
> @@ -2085,13 +2087,16 @@ handle_connection_error(ldap_instance_t *ldap_inst, ldap_connection_t *ldap_conn
>  	switch (err_code) {
>  	case LDAP_NO_SUCH_OBJECT:
>  		ldap_conn->tries = 0;
> -		return ISC_R_SUCCESS;
> +		result = ISC_R_SUCCESS;
> +		break;
>  	case LDAP_TIMEOUT:
>  		log_error("LDAP query timed out. Try to adjust \"timeout\" parameter");
> +		result = ISC_R_TIMEDOUT;
>  		break;
>  	case LDAP_INVALID_DN_SYNTAX:
>  	case LDAP_INVALID_SYNTAX:
>  		log_bug("Invalid syntax in handle_connection_error indicates a bug");
> +		result = ISC_R_UNEXPECTEDTOKEN;
>  		break;
>  	default:
>  		/* Try to reconnect on other errors. */
> -- 
> 1.7.11.2
> 


-- 
Adam Tkac, Red Hat, Inc.

More information about the Freeipa-devel mailing list