3 * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
11 #include <ac/stdlib.h>
13 #include <ac/socket.h>
14 #include <ac/string.h>
24 static struct ldaperror ldap_builtin_errlist[] = {
25 {LDAP_SUCCESS, "Success" },
26 {LDAP_OPERATIONS_ERROR, "Operations error" },
27 {LDAP_PROTOCOL_ERROR, "Protocol error" },
28 {LDAP_TIMELIMIT_EXCEEDED, "Time limit exceeded" },
29 {LDAP_SIZELIMIT_EXCEEDED, "Size limit exceeded" },
30 {LDAP_COMPARE_FALSE, "Compare False" },
31 {LDAP_COMPARE_TRUE, "Compare True" },
32 {LDAP_STRONG_AUTH_NOT_SUPPORTED, "Authentication method not supported" },
33 {LDAP_STRONG_AUTH_REQUIRED, "Strong(er) authentication required" },
34 {LDAP_PARTIAL_RESULTS, "Partial results and referral received" },
36 {LDAP_REFERRAL, "Referral"},
37 {LDAP_ADMINLIMIT_EXCEEDED, "Administrative limit exceeded"},
38 {LDAP_UNAVAILABLE_CRITICAL_EXTENSION,
39 "Critical extension is unavailable"},
40 {LDAP_CONFIDENTIALITY_REQUIRED, "Confidentiality required"},
41 {LDAP_SASL_BIND_IN_PROGRESS, "SASL bind in progress"},
43 {LDAP_NO_SUCH_ATTRIBUTE, "No such attribute" },
44 {LDAP_UNDEFINED_TYPE, "Undefined attribute type" },
45 {LDAP_INAPPROPRIATE_MATCHING, "Inappropriate matching" },
46 {LDAP_CONSTRAINT_VIOLATION, "Constraint violation" },
47 {LDAP_TYPE_OR_VALUE_EXISTS, "Type or value exists" },
48 {LDAP_INVALID_SYNTAX, "Invalid syntax" },
50 {LDAP_NO_SUCH_OBJECT, "No such object" },
51 {LDAP_ALIAS_PROBLEM, "Alias problem" },
52 {LDAP_INVALID_DN_SYNTAX, "Invalid DN syntax" },
53 {LDAP_IS_LEAF, "Entry is a leaf" },
54 {LDAP_ALIAS_DEREF_PROBLEM, "Alias dereferencing problem" },
56 {LDAP_PROXY_AUTHZ_FAILURE, "Proxy Authorization Failure" },
57 {LDAP_INAPPROPRIATE_AUTH, "Inappropriate authentication" },
58 {LDAP_INVALID_CREDENTIALS, "Invalid credentials" },
59 {LDAP_INSUFFICIENT_ACCESS, "Insufficient access" },
60 {LDAP_BUSY, "Server is busy" },
61 {LDAP_UNAVAILABLE, "Server is unavailable" },
62 {LDAP_UNWILLING_TO_PERFORM, "Server is unwilling to perform" },
63 {LDAP_LOOP_DETECT, "Loop detected" },
65 {LDAP_NAMING_VIOLATION, "Naming violation" },
66 {LDAP_OBJECT_CLASS_VIOLATION, "Object class violation" },
67 {LDAP_NOT_ALLOWED_ON_NONLEAF, "Operation not allowed on non-leaf" },
68 {LDAP_NOT_ALLOWED_ON_RDN, "Operation not allowed on RDN" },
69 {LDAP_ALREADY_EXISTS, "Already exists" },
70 {LDAP_NO_OBJECT_CLASS_MODS, "Cannot modify object class" },
71 {LDAP_RESULTS_TOO_LARGE, "Results too large" },
72 {LDAP_AFFECTS_MULTIPLE_DSAS, "Operation affects multiple DSAs" },
74 {LDAP_OTHER, "Internal (implementation specific) error" },
77 {LDAP_SERVER_DOWN, "Can't contact LDAP server" },
78 {LDAP_LOCAL_ERROR, "Local error" },
79 {LDAP_ENCODING_ERROR, "Encoding error" },
80 {LDAP_DECODING_ERROR, "Decoding error" },
81 {LDAP_TIMEOUT, "Timed out" },
82 {LDAP_AUTH_UNKNOWN, "Unknown authentication method" },
83 {LDAP_FILTER_ERROR, "Bad search filter" },
84 {LDAP_USER_CANCELLED, "User cancelled operation" },
85 {LDAP_PARAM_ERROR, "Bad parameter to an ldap routine" },
86 {LDAP_NO_MEMORY, "Out of memory" },
88 {LDAP_CONNECT_ERROR, "Connect error" },
89 {LDAP_NOT_SUPPORTED, "Not Supported" },
90 {LDAP_CONTROL_NOT_FOUND, "Control not found" },
91 {LDAP_NO_RESULTS_RETURNED, "No results returned" },
92 {LDAP_MORE_RESULTS_TO_RETURN, "More results to return" },
93 {LDAP_CLIENT_LOOP, "Client Loop" },
94 {LDAP_REFERRAL_LIMIT_EXCEEDED, "Referral Limit Exceeded" },
96 #ifdef LDAP_CLIENT_UPDATE
97 {LDAP_CUP_RESOURCES_EXHAUSTED, "Client Update Resource Exhausted" },
98 {LDAP_CUP_SECURITY_VIOLATION, "Client Update Security Violation" },
99 {LDAP_CUP_INVALID_COOKIE, "Client Update Invalid Cookie" },
100 {LDAP_CUP_UNSUPPORTED_SCHEME, "Client Update Unsupported Scheme" },
101 {LDAP_CUP_CLIENT_DISCONNECT, "Client Update Client Disconnect" },
102 {LDAP_CUP_RELOAD_REQUIRED, "Client Update Reload Required" },
105 #ifdef LDAP_EXOP_X_CANCEL
106 {LDAP_CANCELLED, "Cancelled" },
107 {LDAP_NO_SUCH_OPERATION, "No Operation to Cancel" },
108 {LDAP_TOO_LATE, "Too Late to Cancel" },
109 {LDAP_CANNOT_CANCEL, "Cannot Cancel" },
115 static struct ldaperror *ldap_errlist = ldap_builtin_errlist;
117 void ldap_int_error_init( void ) {
119 #define LDAP_NLS_SDK_CAT "openldap_sdk"
120 #define LDAP_NLS_LIBLDAP_SET (0)
123 nl_catd catd = catopen( LDAP_NLS_SDK_CAT, NL_CAT_LOCALE );
129 for ( i=0; ldap_errlist[i].e_reason != NULL; i++ ) {
130 char *msg = catgets( catd,
131 LDAP_NLS_LIBLDAP_SET,
132 ldap_errlist[i].e_code, NULL );
135 msg = LDAP_STRDUP( msg );
138 ldap_errlist[i].e_reason = msg;
147 static const struct ldaperror *
148 ldap_int_error( int err )
152 for ( i=0; ldap_errlist[i].e_reason != NULL; i++ ) {
153 if ( err == ldap_errlist[i].e_code ) {
154 return &ldap_errlist[i];
162 ldap_err2string( int err )
164 const struct ldaperror *e;
167 LDAP_LOG ( OPERATION, ENTRY, "ldap_err2string\n", 0,0,0 );
169 Debug( LDAP_DEBUG_TRACE, "ldap_err2string\n", 0, 0, 0 );
172 e = ldap_int_error( err );
174 return e ? e->e_reason : "Unknown error";
179 ldap_perror( LDAP *ld, LDAP_CONST char *str )
182 const struct ldaperror *e;
184 LDAP_LOG ( OPERATION, ENTRY, "ldap_perror\n", 0,0,0 );
186 Debug( LDAP_DEBUG_TRACE, "ldap_perror\n", 0, 0, 0 );
189 assert( ld != NULL );
190 assert( LDAP_VALID( ld ) );
193 e = ldap_int_error( ld->ld_errno );
195 fprintf( stderr, "%s: %s (%d)\n",
196 str ? str : "ldap_perror",
197 e ? e->e_reason : "unknown LDAP result code",
200 if ( ld->ld_matched != NULL && ld->ld_matched[0] != '\0' ) {
201 fprintf( stderr, "\tmatched DN: %s\n", ld->ld_matched );
204 if ( ld->ld_error != NULL && ld->ld_error[0] != '\0' ) {
205 fprintf( stderr, "\tadditional info: %s\n", ld->ld_error );
208 if ( ld->ld_referrals != NULL && ld->ld_referrals[0] != NULL) {
209 fprintf( stderr, "\treferrals:\n" );
210 for (i=0; ld->ld_referrals[i]; i++) {
211 fprintf( stderr, "\t\t%s\n", ld->ld_referrals[i] );
220 ldap_result2error( LDAP *ld, LDAPMessage *r, int freeit )
224 rc = ldap_parse_result( ld, r, &err,
225 NULL, NULL, NULL, NULL, freeit );
227 return err != LDAP_SUCCESS ? err : rc;
231 * Parse LDAPResult Messages:
233 * LDAPResult ::= SEQUENCE {
234 * resultCode ENUMERATED,
236 * errorMessage LDAPString,
237 * referral [3] Referral OPTIONAL }
239 * including Bind results:
241 * BindResponse ::= [APPLICATION 1] SEQUENCE {
242 * COMPONENTS OF LDAPResult,
243 * serverSaslCreds [7] OCTET STRING OPTIONAL }
245 * and ExtendedOp results:
247 * ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
248 * COMPONENTS OF LDAPResult,
249 * responseName [10] LDAPOID OPTIONAL,
250 * response [11] OCTET STRING OPTIONAL }
261 LDAPControl ***serverctrls,
265 ber_int_t errcode = LDAP_SUCCESS;
271 LDAP_LOG ( OPERATION, ENTRY, "ldap_parse_result\n", 0,0,0 );
273 Debug( LDAP_DEBUG_TRACE, "ldap_parse_result\n", 0, 0, 0 );
276 assert( ld != NULL );
277 assert( LDAP_VALID( ld ) );
280 if(errcodep != NULL) *errcodep = LDAP_SUCCESS;
281 if(matcheddnp != NULL) *matcheddnp = NULL;
282 if(errmsgp != NULL) *errmsgp = NULL;
283 if(referralsp != NULL) *referralsp = NULL;
284 if(serverctrls != NULL) *serverctrls = NULL;
286 /* Find the next result... */
287 for ( lm = r; lm != NULL; lm = lm->lm_chain ) {
288 /* skip over entries and references */
289 if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY &&
290 lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE &&
291 lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL )
298 ld->ld_errno = LDAP_NO_RESULTS_RETURNED;
302 if ( ld->ld_error ) {
303 LDAP_FREE( ld->ld_error );
306 if ( ld->ld_matched ) {
307 LDAP_FREE( ld->ld_matched );
308 ld->ld_matched = NULL;
310 if ( ld->ld_referrals ) {
311 LDAP_VFREE( ld->ld_referrals );
312 ld->ld_referrals = NULL;
317 ber = ber_dup( lm->lm_ber );
319 if ( ld->ld_version < LDAP_VERSION2 ) {
320 tag = ber_scanf( ber, "{ia}",
321 &ld->ld_errno, &ld->ld_error );
324 tag = ber_scanf( ber, "{iaa" /*}*/,
325 &ld->ld_errno, &ld->ld_matched, &ld->ld_error );
327 if( tag != LBER_ERROR ) {
328 /* peek for referrals */
329 if( ber_peek_tag(ber, &len) == LDAP_TAG_REFERRAL ) {
330 tag = ber_scanf( ber, "v", &ld->ld_referrals );
334 /* need to clean out misc items */
335 if( tag != LBER_ERROR ) {
336 if( lm->lm_msgtype == LDAP_RES_BIND ) {
337 /* look for sasl result creditials */
338 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SASL_RES_CREDS ) {
340 tag = ber_scanf( ber, "x" );
343 } else if( lm->lm_msgtype == LDAP_RES_EXTENDED ) {
344 /* look for exop result oid or value */
345 if ( ber_peek_tag( ber, &len ) == LDAP_TAG_EXOP_RES_OID ) {
347 tag = ber_scanf( ber, "x" );
350 if ( tag != LBER_ERROR &&
351 ber_peek_tag( ber, &len ) == LDAP_TAG_EXOP_RES_VALUE )
354 tag = ber_scanf( ber, "x" );
359 if( tag != LBER_ERROR ) {
360 int rc = ldap_int_get_controls( ber, serverctrls );
362 if( rc != LDAP_SUCCESS ) {
367 if( tag != LBER_ERROR ) {
368 tag = ber_scanf( ber, /*{*/"}" );
372 if ( tag == LBER_ERROR ) {
373 ld->ld_errno = errcode = LDAP_DECODING_ERROR;
381 if( errcodep != NULL ) {
382 *errcodep = ld->ld_errno;
384 if ( errcode == LDAP_SUCCESS ) {
385 if( matcheddnp != NULL ) {
386 *matcheddnp = LDAP_STRDUP( ld->ld_matched );
388 if( errmsgp != NULL ) {
389 *errmsgp = LDAP_STRDUP( ld->ld_error );
392 if( referralsp != NULL) {
393 *referralsp = ldap_value_dup( ld->ld_referrals );
396 /* Find the next result... */
397 for ( lm = lm->lm_chain; lm != NULL; lm = lm->lm_chain ) {
398 /* skip over entries and references */
399 if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY &&
400 lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE &&
401 lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL )
403 /* more results to return */
404 errcode = LDAP_MORE_RESULTS_TO_RETURN;