svn commit: samba r11114 - in branches/SAMBA_4_0/source/libcli/ldap: .

Mon Oct 17 11:50:35 GMT 2005

Author: tridge
Date: 2005-10-17 11:50:34 +0000 (Mon, 17 Oct 2005)
New Revision: 11114

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11114

Log:

- fixed error handling on bad bind in ildap client

- added nicer error display, giving a string version of the error code


Modified:
   branches/SAMBA_4_0/source/libcli/ldap/ldap_bind.c
   branches/SAMBA_4_0/source/libcli/ldap/ldap_client.c


Changeset:
Modified: branches/SAMBA_4_0/source/libcli/ldap/ldap_bind.c
===================================================================

--- branches/SAMBA_4_0/source/libcli/ldap/ldap_bind.c	2005-10-17 11:33:13 UTC (rev 11113)
+++ branches/SAMBA_4_0/source/libcli/ldap/ldap_bind.c	2005-10-17 11:50:34 UTC (rev 11114)
@@ -240,7 +240,8 @@
 		result = response->r.BindResponse.response.resultcode;
 
 		if (result != LDAP_SUCCESS && result != LDAP_SASL_BIND_IN_PROGRESS) {
-			status = NT_STATUS_UNEXPECTED_NETWORK_ERROR;
+			status = ldap_check_response(conn, 
+						     &response->r.BindResponse.response);
 			break;
 		}
 

Modified: branches/SAMBA_4_0/source/libcli/ldap/ldap_client.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/ldap/ldap_client.c	2005-10-17 11:33:13 UTC (rev 11113)
+++ branches/SAMBA_4_0/source/libcli/ldap/ldap_client.c	2005-10-17 11:50:34 UTC (rev 11114)
@@ -556,10 +556,62 @@
 
 
 /*
+  a mapping of ldap response code to strings
+*/
+static const struct {
+	enum ldap_result_code code;
+	const char *str;
+} ldap_code_map[] = {
+#define _LDAP_MAP_CODE(c) { c, #c }
+	_LDAP_MAP_CODE(LDAP_SUCCESS),
+	_LDAP_MAP_CODE(LDAP_OPERATIONS_ERROR),
+	_LDAP_MAP_CODE(LDAP_PROTOCOL_ERROR),
+	_LDAP_MAP_CODE(LDAP_TIME_LIMIT_EXCEEDED),
+	_LDAP_MAP_CODE(LDAP_SIZE_LIMIT_EXCEEDED),
+	_LDAP_MAP_CODE(LDAP_COMPARE_FALSE),
+	_LDAP_MAP_CODE(LDAP_COMPARE_TRUE),
+	_LDAP_MAP_CODE(LDAP_AUTH_METHOD_NOT_SUPPORTED),
+	_LDAP_MAP_CODE(LDAP_STRONG_AUTH_REQUIRED),
+	_LDAP_MAP_CODE(LDAP_REFERRAL),
+	_LDAP_MAP_CODE(LDAP_ADMIN_LIMIT_EXCEEDED),
+	_LDAP_MAP_CODE(LDAP_UNAVAILABLE_CRITICAL_EXTENSION),
+	_LDAP_MAP_CODE(LDAP_CONFIDENTIALITY_REQUIRED),
+	_LDAP_MAP_CODE(LDAP_SASL_BIND_IN_PROGRESS),
+	_LDAP_MAP_CODE(LDAP_NO_SUCH_ATTRIBUTE),
+	_LDAP_MAP_CODE(LDAP_UNDEFINED_ATTRIBUTE_TYPE),
+	_LDAP_MAP_CODE(LDAP_INAPPROPRIATE_MATCHING),
+	_LDAP_MAP_CODE(LDAP_CONSTRAINT_VIOLATION),
+	_LDAP_MAP_CODE(LDAP_ATTRIBUTE_OR_VALUE_EXISTS),
+	_LDAP_MAP_CODE(LDAP_INVALID_ATTRIBUTE_SYNTAX),
+	_LDAP_MAP_CODE(LDAP_NO_SUCH_OBJECT),
+	_LDAP_MAP_CODE(LDAP_ALIAS_PROBLEM),
+	_LDAP_MAP_CODE(LDAP_INVALID_DN_SYNTAX),
+	_LDAP_MAP_CODE(LDAP_ALIAS_DEREFERENCING_PROBLEM),
+	_LDAP_MAP_CODE(LDAP_INAPPROPRIATE_AUTHENTICATION),
+	_LDAP_MAP_CODE(LDAP_INVALID_CREDENTIALS),
+	_LDAP_MAP_CODE(LDAP_INSUFFICIENT_ACCESS_RIGHTs),
+	_LDAP_MAP_CODE(LDAP_BUSY),
+	_LDAP_MAP_CODE(LDAP_UNAVAILABLE),
+	_LDAP_MAP_CODE(LDAP_UNWILLING_TO_PERFORM),
+	_LDAP_MAP_CODE(LDAP_LOOP_DETECT),
+	_LDAP_MAP_CODE(LDAP_NAMING_VIOLATION),
+	_LDAP_MAP_CODE(LDAP_OBJECT_CLASS_VIOLATION),
+	_LDAP_MAP_CODE(LDAP_NOT_ALLOWED_ON_NON_LEAF),
+	_LDAP_MAP_CODE(LDAP_NOT_ALLOWED_ON_RDN),
+	_LDAP_MAP_CODE(LDAP_ENTRY_ALREADY_EXISTS),
+	_LDAP_MAP_CODE(LDAP_OBJECT_CLASS_MODS_PROHIBITED),
+	_LDAP_MAP_CODE(LDAP_AFFECTS_MULTIPLE_DSAS),
+	_LDAP_MAP_CODE(LDAP_OTHER)
+};
+
+/*
   used to setup the status code from a ldap response
 */
 NTSTATUS ldap_check_response(struct ldap_connection *conn, struct ldap_Result *r)
 {
+	int i;
+	const char *codename = "unknown";
+
 	if (r->resultcode == LDAP_SUCCESS) {
 		return NT_STATUS_OK;
 	}
@@ -567,8 +619,17 @@
 	if (conn->last_error) {
 		talloc_free(conn->last_error);
 	}
-	conn->last_error = talloc_asprintf(conn, "LDAP error %u - %s <%s> <%s>", 
+
+	for (i=0;i<ARRAY_SIZE(ldap_code_map);i++) {
+		if (r->resultcode == ldap_code_map[i].code) {
+			codename = ldap_code_map[i].str;
+			break;
+		}
+	}
+
+	conn->last_error = talloc_asprintf(conn, "LDAP error %u %s - %s <%s> <%s>", 
 					   r->resultcode,
+					   codename,
 					   r->dn?r->dn:"(NULL)", 
 					   r->errormessage?r->errormessage:"", 
 					   r->referral?r->referral:"");

