search

KxSystems / ldap

Kdb+ integration with LDAP
https://code.kx.com/q
Apache License 2.0
5 stars 5 forks source link

Ability to get secondary error info (e.g. from 3rd party sasl lib) #145

Closed sshanks-kx closed 1 year ago

sshanks-kx commented 1 year ago

running ldapsearch can often print 'additional info' on error e.g.

[root@7f7b9d2027ca qinstall]# LD_LIBRARY_PATH=/usr/lib/:$LD_LIBRARY_PATH ldapsearch -H ldap://simon.edt.org  -D 'dc=edt,dc=org' -Y GSSAPI -N 1 
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind: Local error (-2)
    additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server ldap/simon.edt.org@EDT.ORG not found in Kerberos database)

currently, for -2 error, running .ldap.err2string[-2i] gives "Local error" as per first line of the ldapsearch error, but would be helpful to be able to get what ldapsearch shows for its 'additional info'.

sshanks-kx commented 1 year ago

Extra info appears to come from getting value of LDAP_OPT_DIAGNOSTIC_MESSAGE message (rather than any return values/etc of function directly) https://github.com/openldap/openldap/blob/992815ced57d77b4a3ff554dc5a84412531cf4dd/clients/tools/common.c#L1552