On 04/09/2013 03:27 PM, Petr Spacek wrote:
> Hello,
>
> Improve LDAP error logging.
>
> Diagnostic error message is logged when it is available.
>
>
> Plugin with this patch produces messages like:
>
> LDAP error: Server is unwilling to perform: Minimum SSF not met.: bind
> to LDAP server failed
>
> intead of
>
> bind to LDAP server failed: Server is unwilling to perform
>
>
> Second example is:
>
> LDAP error: Object class violation: attribute "mgrecord" not allowed
> : while modifying(add) entry 'idnsName=pspacek,
> idnsname=example.com,cn=dns,dc=e,dc=test'
>
> instead of
>
> ""
>
> :-D
>
<snip>
> diff --git a/src/log.h b/src/log.h
> index
> 312f24322fd0c6f9943c6beb810ac0bcd8f3896c..cbf1a3faaaccea7391d65d018e80d8ec688fc111
> 100644
>
> --- a/src/log.h
>
> +++ b/src/log.h
>
> @@ -55,16 +55,30 @@
>
> log_write(GET_LOG_LEVEL(level), format, ##__VA_ARGS__)
> /* LDAP logging functions */
> -#define log_ldap_error(ld) \
> - do { \
> - int err; \
> - char *errmsg = "<UNKNOWN>"; \
> - if (ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err) \
> - == LDAP_OPT_SUCCESS) \
> - errmsg = ldap_err2string(err); \
> - log_error_position("LDAP error: %s", errmsg); \
> - } while (0); \
> +#define LOG_LDAP_ERR_PREFIX "LDAP error: "
> +#define log_ldap_error(ld, desc, ...)
> \
> + do {
> \
> + int err;
> \
> + char *errmsg = NULL;
> \
> + char *diagmsg = NULL;
> \
> + if (ldap_get_option(ld, LDAP_OPT_RESULT_CODE, &err)
> \
> + == LDAP_OPT_SUCCESS) {
> \
> + errmsg = ldap_err2string(err);
> \
Getting error msg for the first time here.
> + if (ldap_get_option(ld,
> LDAP_OPT_DIAGNOSTIC_MESSAGE, &diagmsg) \
> + == LDAP_OPT_SUCCESS && diagmsg != NULL)
> { \
> + errmsg = ldap_err2string(err);
> \
Again getting error msg with the same "err". Maybe a copy-paste error?
> + log_error(LOG_LDAP_ERR_PREFIX
> "%s: %s: " desc, \
> + errmsg, diagmsg,
> ##__VA_ARGS__); \
> + ldap_memfree(diagmsg);
> \
> + } else
> \
> + log_error(LOG_LDAP_ERR_PREFIX
> "%s: " desc, \
> + errmsg, ##__VA_ARGS__);
> \
> + } else {
> \
> + log_error(LOG_LDAP_ERR_PREFIX
> \
> + "<unable to obtain LDAP error code>: "
> \
> + desc, ##__VA_ARGS__);
> \
> + }
> \
> + } while (0);
> void
> log_write(int level, const char *format, ...) ISC_FORMAT_PRINTF(2, 3);
Regards,
Tomas Hozza
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
