[Freeipa-devel] [PATCH 0142] Improve LDAP error logging

Tomas Hozza thozza at redhat.com
Tue May 7 07:36:26 UTC 2013


On 04/09/2013 03:27 PM, Petr Spacek wrote:
> Hello,
> 
> Improve LDAP error logging.
> 
> Diagnostic error message is logged when it is available.
> 
> 
> Plugin with this patch produces messages like:
> 
> LDAP error: Server is unwilling to perform: Minimum SSF not met.: bind
> to LDAP server failed
> 
> intead of
> 
> bind to LDAP server failed: Server is unwilling to perform
> 
> 
> Second example is:
> 
> LDAP error: Object class violation: attribute "mgrecord" not allowed
> : while modifying(add) entry 'idnsName=pspacek,
> idnsname=example.com,cn=dns,dc=e,dc=test'
> 
> instead of
> 
> ""
> 
> :-D
> 

<snip>
> diff --git a/src/log.h b/src/log.h
> index 312f24322fd0c6f9943c6beb810ac0bcd8f3896c..cbf1a3faaaccea7391d65d018e80d8ec688fc111 100644
> 
> --- a/src/log.h
> 
> +++ b/src/log.h
> 
> @@ -55,16 +55,30 @@
> 
> log_write(GET_LOG_LEVEL(level), format, ##__VA_ARGS__)
> /* LDAP logging functions */
> -#define log_ldap_error(ld) 						\
> - 	do { 								\
> - 		int err; 						\
> - 		char *errmsg = "<UNKNOWN>"; 				\
> - 		if (ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err) 	\
> - 			== LDAP_OPT_SUCCESS) 				\
> - 				errmsg = ldap_err2string(err); 		\
> - 		log_error_position("LDAP error: %s", errmsg); 		\
> - 	} while (0); 							\
> +#define LOG_LDAP_ERR_PREFIX "LDAP error: "
> +#define log_ldap_error(ld, desc, ...) 							\
> + 	do { 											\
> + 		int err; 									\
> + 		char *errmsg = NULL; 								\
> + 		char *diagmsg = NULL; 								\
> + 		if (ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err) 				\
> + 			== LDAP_OPT_SUCCESS) { 							\
> + 				errmsg = ldap_err2string(err); 					\
Getting error msg for the first time here.

> + 				if (ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &diagmsg) 	\
> + 					== LDAP_OPT_SUCCESS && diagmsg != NULL) { 		\
> + 						errmsg = ldap_err2string(err);			\
Again getting error msg with the same "err". Maybe a copy-paste error?

> + 						log_error(LOG_LDAP_ERR_PREFIX "%s: %s: " desc, 	\
> + 							errmsg, diagmsg, ##__VA_ARGS__); 	\
> + 						ldap_memfree(diagmsg); 				\
> + 				} else 								\
> + 						log_error(LOG_LDAP_ERR_PREFIX "%s: " desc, 	\
> + 							errmsg, ##__VA_ARGS__); 		\
> + 		} else { 									\
> + 				log_error(LOG_LDAP_ERR_PREFIX 					\
> + 					"<unable to obtain LDAP error code>: " 			\
> + 					desc, ##__VA_ARGS__); 					\
> + 		} 										\
> + 	} while (0);
> void
> log_write(int level, const char *format, ...) ISC_FORMAT_PRINTF(2, 3); 


Regards,

Tomas Hozza




More information about the Freeipa-devel mailing list