[Freeipa-devel] [PATCH 0142] Improve LDAP error logging

Tue May 14 15:49:03 UTC 2013

On 14.5.2013 11:46, Tomas Babej wrote:
> On 05/07/2013 09:36 AM, Tomas Hozza wrote:
>> On 04/09/2013 03:27 PM, Petr Spacek wrote:
>>> Hello,
>>>
>>> Improve LDAP error logging.
>>>
>>> Diagnostic error message is logged when it is available.
>>>
>>>
>>> Plugin with this patch produces messages like:
>>>
>>> LDAP error: Server is unwilling to perform: Minimum SSF not met.: bind
>>> to LDAP server failed
>>>
>>> intead of
>>>
>>> bind to LDAP server failed: Server is unwilling to perform
>>>
>>>
>>> Second example is:
>>>
>>> LDAP error: Object class violation: attribute "mgrecord" not allowed
>>> : while modifying(add) entry 'idnsName=pspacek,
>>> idnsname=example.com,cn=dns,dc=e,dc=test'
>>>
>>> instead of
>>>
>>> ""
>>>
>>> :-D
>>>
>> <snip>
>>> diff --git a/src/log.h b/src/log.h
>>> index
>>> 312f24322fd0c6f9943c6beb810ac0bcd8f3896c..cbf1a3faaaccea7391d65d018e80d8ec688fc111
>>> 100644
>>>
>>> --- a/src/log.h
>>>
>>> +++ b/src/log.h
>>>
>>> @@ -55,16 +55,30 @@
>>>
>>> log_write(GET_LOG_LEVEL(level), format, ##__VA_ARGS__)
>>> /* LDAP logging functions */
>>> -#define log_ldap_error(ld)                         \
>>> -     do {                                 \
>>> -         int err;                         \
>>> -         char *errmsg = "<UNKNOWN>";                 \
>>> -         if (ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err)     \
>>> -             == LDAP_OPT_SUCCESS)                 \
>>> -                 errmsg = ldap_err2string(err);         \
>>> -         log_error_position("LDAP error: %s", errmsg);         \
>>> -     } while (0);                             \
>>> +#define LOG_LDAP_ERR_PREFIX "LDAP error: "
>>> +#define log_ldap_error(ld, desc, ...)                             \
>>> +     do {                                             \
>>> +         int err;                                     \
>>> +         char *errmsg = NULL;                                 \
>>> +         char *diagmsg = NULL;                                 \
>>> +         if (ldap_get_option(ld, LDAP_OPT_RESULT_CODE,
>>> &err)                 \
>>> +             == LDAP_OPT_SUCCESS) {                             \
>>> +                 errmsg = ldap_err2string(err);                     \
>> Getting error msg for the first time here.
>>
>>> +                 if (ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE,
>>> &diagmsg)     \
>>> +                     == LDAP_OPT_SUCCESS && diagmsg != NULL) {         \
>>> +                         errmsg = ldap_err2string(err);            \
>> Again getting error msg with the same "err". Maybe a copy-paste error?
>>
>>> +                         log_error(LOG_LDAP_ERR_PREFIX "%s: %s: " desc,     \
>>> +                             errmsg, diagmsg, ##__VA_ARGS__);     \
>>> +                         ldap_memfree(diagmsg);                 \
>>> +                 } else                                 \
>>> +                         log_error(LOG_LDAP_ERR_PREFIX "%s: " desc,     \
>>> +                             errmsg, ##__VA_ARGS__);         \
>>> +         } else {                                     \
>>> +                 log_error(LOG_LDAP_ERR_PREFIX                     \
>>> +                     "<unable to obtain LDAP error code>: "             \
>>> +                     desc, ##__VA_ARGS__);                     \
>>> +         }                                         \
>>> +     } while (0);
>>> void
>>> log_write(int level, const char *format, ...) ISC_FORMAT_PRINTF(2, 3);
>>
>> Regards,
>>
>> Tomas Hozza
>>
> ACK, provides the desired info.

Pushed to master: af83758cb3f91129399494c95a1847814b1d71a8

-- 
Petr^2 Spacek