#47799 Any negative LDAP error code number reported as Illegal error by ldclt.
Closed: Fixed None Opened 5 years ago by nhosoi.

Description of problem:
Any negative error code number reported as Illegal error by ldclt.

How reproducible:
Always

Steps to Reproduce:
1. Perform any OpenLDAP operation with ldclt which should give negative error
for example
/usr/bin/ldclt-bin -h <host> -p <port> -e esearch -e bindeach -e randomauthid -e randomauthidlow=1 -e randomauthidhigh=9999 -o mech=DIGEST-MD5 -o authid=loginXXXX -w <pw> -s base -b o=example.com -f uid=modify* -V -q -E 10004 -n 10 -N 20000 -T 1000 -W 2

  1. It will give ldclt[12170]: Illegal error number -6 in SASL

Actual results:
ldclt[12170]: Illegal error number -6 in SASL

Expected results:
It should report better error message.

More Info::(By Nathan)
Negative LDAP errors are local (client-side) errors in OpenLDAP. Here
is how -6 is defined:


define LDAP_AUTH_UNKNOWN (-6)


In mozldap, there were no negative error codes at all. It might be that
ldclt doesn't expect a negative code, and reports a poor error message
when it encounters it. This error code could be returned if an unknown
SASL mechanism was attempted (though I haven't confirmed this).

There is a minor ldclt bug in that it should expect that negative error
codes could be encountered. This code is the culprit:


/
- Update the counters
/
if ((err <= 0) || (err >= MAX_ERROR_NB))
{
fprintf (stderr, "ldclt[%d]: Illegal error number %d\n", mctx.pid, err);
fflush (stderr);
mctx.errorsBad++;
}



Reviewed by Mark (Thank you!!)

Pushed to master:
674eac2..71be5fa master -> master
commit 71be5fa

Pushed to 389-ds-base-1.3.4:
9e4cf12..0680a45 389-ds-base-1.3.4 -> 389-ds-base-1.3.4
commit 0680a45

Metadata Update from @nhosoi:
- Issue assigned to nhosoi
- Issue set to the milestone: 1.3.4.2

2 years ago

Login to comment on this ticket.

Metadata