X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=libraries%2Flibldap%2Ferror.c;h=45f9eec86e4a8542766b7064a11d6c324ea5ce90;hb=3b9f4a82ee478c943a66696adf9133dc9f503e16;hp=26c8778047cf9a5ccaaff9e74de18020e554b864;hpb=2a869f5a99f537b246ba8640502e2a86117cb6e8;p=openldap diff --git a/libraries/libldap/error.c b/libraries/libldap/error.c index 26c8778047..45f9eec86e 100644 --- a/libraries/libldap/error.c +++ b/libraries/libldap/error.c @@ -1,57 +1,78 @@ +/* $OpenLDAP$ */ +/* + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. + * COPYING RESTRICTIONS APPLY, see COPYRIGHT file + */ + #include "portable.h" #include -#include + +#include #include #include #include -#include "lber.h" -#include "ldap.h" +#include "ldap-int.h" struct ldaperror { int e_code; - char *e_reason; + char *e_reason; }; -static struct ldaperror ldap_errlist[] = { +static struct ldaperror ldap_builtin_errlist[] = { {LDAP_SUCCESS, "Success" }, {LDAP_OPERATIONS_ERROR, "Operations error" }, {LDAP_PROTOCOL_ERROR, "Protocol error" }, - {LDAP_TIMELIMIT_EXCEEDED, "Timelimit exceeded" }, - {LDAP_SIZELIMIT_EXCEEDED, "Sizelimit exceeded" }, - {LDAP_COMPARE_FALSE, "Compare false" }, - {LDAP_COMPARE_TRUE, "Compare true" }, - {LDAP_STRONG_AUTH_NOT_SUPPORTED, "Strong authentication not supported" }, - {LDAP_STRONG_AUTH_REQUIRED, "Strong authentication required" }, + {LDAP_TIMELIMIT_EXCEEDED, "Time limit exceeded" }, + {LDAP_SIZELIMIT_EXCEEDED, "Size limit exceeded" }, + {LDAP_COMPARE_FALSE, "Compare False" }, + {LDAP_COMPARE_TRUE, "Compare True" }, + {LDAP_STRONG_AUTH_NOT_SUPPORTED, "Authentication method not supported" }, + {LDAP_STRONG_AUTH_REQUIRED, "Strong(er) authentication required" }, {LDAP_PARTIAL_RESULTS, "Partial results and referral received" }, + + {LDAP_REFERRAL, "Referral"}, + {LDAP_ADMINLIMIT_EXCEEDED, "Administrative limit exceeded"}, + {LDAP_UNAVAILABLE_CRITICAL_EXTENSION, + "Critical extension is unavailable"}, + {LDAP_CONFIDENTIALITY_REQUIRED, "Confidentiality required"}, + {LDAP_SASL_BIND_IN_PROGRESS, "SASL bind in progress"}, + {LDAP_NO_SUCH_ATTRIBUTE, "No such attribute" }, {LDAP_UNDEFINED_TYPE, "Undefined attribute type" }, {LDAP_INAPPROPRIATE_MATCHING, "Inappropriate matching" }, {LDAP_CONSTRAINT_VIOLATION, "Constraint violation" }, {LDAP_TYPE_OR_VALUE_EXISTS, "Type or value exists" }, {LDAP_INVALID_SYNTAX, "Invalid syntax" }, + {LDAP_NO_SUCH_OBJECT, "No such object" }, {LDAP_ALIAS_PROBLEM, "Alias problem" }, {LDAP_INVALID_DN_SYNTAX, "Invalid DN syntax" }, - {LDAP_IS_LEAF, "Object is a leaf" }, + {LDAP_IS_LEAF, "Entry is a leaf" }, {LDAP_ALIAS_DEREF_PROBLEM, "Alias dereferencing problem" }, + {LDAP_INAPPROPRIATE_AUTH, "Inappropriate authentication" }, {LDAP_INVALID_CREDENTIALS, "Invalid credentials" }, {LDAP_INSUFFICIENT_ACCESS, "Insufficient access" }, - {LDAP_BUSY, "DSA is busy" }, - {LDAP_UNAVAILABLE, "DSA is unavailable" }, - {LDAP_UNWILLING_TO_PERFORM, "DSA is unwilling to perform" }, + {LDAP_BUSY, "Server is busy" }, + {LDAP_UNAVAILABLE, "Server is unavailable" }, + {LDAP_UNWILLING_TO_PERFORM, "Server is unwilling to perform" }, {LDAP_LOOP_DETECT, "Loop detected" }, + {LDAP_NAMING_VIOLATION, "Naming violation" }, {LDAP_OBJECT_CLASS_VIOLATION, "Object class violation" }, - {LDAP_NOT_ALLOWED_ON_NONLEAF, "Operation not allowed on nonleaf" }, + {LDAP_NOT_ALLOWED_ON_NONLEAF, "Operation not allowed on non-leaf" }, {LDAP_NOT_ALLOWED_ON_RDN, "Operation not allowed on RDN" }, {LDAP_ALREADY_EXISTS, "Already exists" }, {LDAP_NO_OBJECT_CLASS_MODS, "Cannot modify object class" }, {LDAP_RESULTS_TOO_LARGE, "Results too large" }, - {LDAP_OTHER, "Unknown error" }, + {LDAP_AFFECTS_MULTIPLE_DSAS, "Operation affects multiple DSAs" }, + + {LDAP_OTHER, "Internal (implementation specific) error" }, + + /* API ResultCodes */ {LDAP_SERVER_DOWN, "Can't contact LDAP server" }, {LDAP_LOCAL_ERROR, "Local error" }, {LDAP_ENCODING_ERROR, "Encoding error" }, @@ -62,106 +83,306 @@ static struct ldaperror ldap_errlist[] = { {LDAP_USER_CANCELLED, "User cancelled operation" }, {LDAP_PARAM_ERROR, "Bad parameter to an ldap routine" }, {LDAP_NO_MEMORY, "Out of memory" }, - {-1, 0 } + + {LDAP_CONNECT_ERROR, "Connect error" }, + {LDAP_NOT_SUPPORTED, "Not Supported" }, + {LDAP_CONTROL_NOT_FOUND, "Control not found" }, + {LDAP_NO_RESULTS_RETURNED, "No results returned" }, + {LDAP_MORE_RESULTS_TO_RETURN, "More results to return" }, + {LDAP_CLIENT_LOOP, "Client Loop" }, + {LDAP_REFERRAL_LIMIT_EXCEEDED, "Referral Limit Exceeded" }, + + {-1, NULL} }; -char * -ldap_err2string( int err ) -{ +static struct ldaperror *ldap_errlist = ldap_builtin_errlist; + +void ldap_int_error_init( void ) { +#ifdef LDAP_NLS +#define LDAP_NLS_SDK_CAT "openldap_sdk" +#define LDAP_NLS_LIBLDAP_SET (0) + int i; + nl_catd catd = catopen( LDAP_NLS_SDK_CAT, NL_CAT_LOCALE ); - Debug( LDAP_DEBUG_TRACE, "ldap_err2string\n", 0, 0, 0 ); + if( catd == -1 ) { + return; + } + + for ( i=0; ldap_errlist[i].e_reason != NULL; i++ ) { + char *msg = catgets( catd, + LDAP_NLS_LIBLDAP_SET, + ldap_errlist[i].e_code, NULL ); - for ( i = 0; ldap_errlist[i].e_code != -1; i++ ) { - if ( err == ldap_errlist[i].e_code ) - return( ldap_errlist[i].e_reason ); + if( msg != NULL ) { + msg = LDAP_STRDUP( msg ); + + if( msg != NULL ) { + ldap_errlist[i].e_reason = msg; + } + } } - return( "Unknown error" ); + catclose( catd ); +#endif } -#ifdef LDAP_LIBUI -void -ldap_perror( LDAP *ld, char *s ) +static const struct ldaperror * +ldap_int_error( int err ) { int i; - Debug( LDAP_DEBUG_TRACE, "ldap_perror\n", 0, 0, 0 ); - - if ( ld == NULL ) { - perror( s ); - return; - } - - for ( i = 0; ldap_errlist[i].e_code != -1; i++ ) { - if ( ld->ld_errno == ldap_errlist[i].e_code ) { - fprintf( stderr, "%s: %s\n", s, - ldap_errlist[i].e_reason ); - if ( ld->ld_matched != NULL && *ld->ld_matched != '\0' ) - fprintf( stderr, "%s: matched: %s\n", s, - ld->ld_matched ); - if ( ld->ld_error != NULL && *ld->ld_error != '\0' ) - fprintf( stderr, "%s: additional info: %s\n", - s, ld->ld_error ); - fflush( stderr ); - return; + for ( i=0; ldap_errlist[i].e_reason != NULL; i++ ) { + if ( err == ldap_errlist[i].e_code ) { + return &ldap_errlist[i]; } } - fprintf( stderr, "%s: Not an LDAP errno %d\n", s, ld->ld_errno ); - fflush( stderr ); + return NULL; } +char * +ldap_err2string( int err ) +{ + const struct ldaperror *e; + +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ENTRY, "ldap_err2string\n", 0,0,0 ); #else + Debug( LDAP_DEBUG_TRACE, "ldap_err2string\n", 0, 0, 0 ); +#endif + e = ldap_int_error( err ); + + return e ? e->e_reason : "Unknown error"; +} + +/* deprecated */ void -ldap_perror( LDAP *ld, char *s ) +ldap_perror( LDAP *ld, LDAP_CONST char *str ) { -} + const struct ldaperror *e; +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ENTRY, "ldap_perror\n", 0,0,0 ); +#else + Debug( LDAP_DEBUG_TRACE, "ldap_perror\n", 0, 0, 0 ); +#endif + + assert( ld != NULL ); + assert( LDAP_VALID( ld ) ); + assert( str ); + + e = ldap_int_error( ld->ld_errno ); + + fprintf( stderr, "%s: %s (%d)\n", + str ? str : "ldap_perror", + e ? e->e_reason : "unknown LDAP result code", + ld->ld_errno ); + + if ( ld->ld_matched != NULL && ld->ld_matched[0] != '\0' ) { + fprintf( stderr, "\tmatched DN: %s\n", ld->ld_matched ); + } -#endif /* !LDAP_LIBUI */ + if ( ld->ld_error != NULL && ld->ld_error[0] != '\0' ) { + fprintf( stderr, "\tadditional info: %s\n", ld->ld_error ); + } + fflush( stderr ); +} +/* deprecated */ int ldap_result2error( LDAP *ld, LDAPMessage *r, int freeit ) +{ + int rc, err; + + rc = ldap_parse_result( ld, r, &err, + NULL, NULL, NULL, NULL, freeit ); + + return err != LDAP_SUCCESS ? err : rc; +} + +/* + * Parse LDAPResult Messages: + * + * LDAPResult ::= SEQUENCE { + * resultCode ENUMERATED, + * matchedDN LDAPDN, + * errorMessage LDAPString, + * referral [3] Referral OPTIONAL } + * + * including Bind results: + * + * BindResponse ::= [APPLICATION 1] SEQUENCE { + * COMPONENTS OF LDAPResult, + * serverSaslCreds [7] OCTET STRING OPTIONAL } + * + * and ExtendedOp results: + * + * ExtendedResponse ::= [APPLICATION 24] SEQUENCE { + * COMPONENTS OF LDAPResult, + * responseName [10] LDAPOID OPTIONAL, + * response [11] OCTET STRING OPTIONAL } + * + */ +int +ldap_parse_result( + LDAP *ld, + LDAPMessage *r, + int *errcodep, + char **matcheddnp, + char **errmsgp, + char ***referralsp, + LDAPControl ***serverctrls, + int freeit ) { LDAPMessage *lm; - BerElement ber; - long along; - int rc; + ber_int_t errcode = LDAP_SUCCESS; + + ber_tag_t tag; + BerElement *ber; - Debug( LDAP_DEBUG_TRACE, "ldap_result2error\n", 0, 0, 0 ); +#ifdef NEW_LOGGING + LDAP_LOG ( OPERATION, ENTRY, "ldap_parse_result\n", 0,0,0 ); +#else + Debug( LDAP_DEBUG_TRACE, "ldap_parse_result\n", 0, 0, 0 ); +#endif + + assert( ld != NULL ); + assert( LDAP_VALID( ld ) ); + assert( r != NULL ); + + if(errcodep != NULL) *errcodep = LDAP_SUCCESS; + if(matcheddnp != NULL) *matcheddnp = NULL; + if(errmsgp != NULL) *errmsgp = NULL; + if(referralsp != NULL) *referralsp = NULL; + if(serverctrls != NULL) *serverctrls = NULL; - if ( r == NULLMSG ) - return( LDAP_PARAM_ERROR ); + /* Find the next result... */ + for ( lm = r; lm != NULL; lm = lm->lm_chain ) { + /* skip over entries and references */ + if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY && + lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE && + lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL ) + { + break; + } + } - for ( lm = r; lm->lm_chain != NULL; lm = lm->lm_chain ) - ; /* NULL */ + if( lm == NULL ) { + ld->ld_errno = LDAP_NO_RESULTS_RETURNED; + return ld->ld_errno; + } if ( ld->ld_error ) { - free( ld->ld_error ); + LDAP_FREE( ld->ld_error ); ld->ld_error = NULL; } if ( ld->ld_matched ) { - free( ld->ld_matched ); + LDAP_FREE( ld->ld_matched ); ld->ld_matched = NULL; } - ber = *(lm->lm_ber); - if ( ld->ld_version == LDAP_VERSION2 ) { - rc = ber_scanf( &ber, "{iaa}", &along, &ld->ld_matched, - &ld->ld_error ); + /* parse results */ + + ber = ber_dup( lm->lm_ber ); + + if ( ld->ld_version < LDAP_VERSION2 ) { + tag = ber_scanf( ber, "{ia}", + &ld->ld_errno, &ld->ld_error ); } else { - rc = ber_scanf( &ber, "{ia}", &along, &ld->ld_error ); + ber_len_t len; + tag = ber_scanf( ber, "{iaa" /*}*/, + &ld->ld_errno, &ld->ld_matched, &ld->ld_error ); + + if( tag != LBER_ERROR ) { + /* peek for referrals */ + if( ber_peek_tag(ber, &len) == LDAP_TAG_REFERRAL ) { + if( referralsp != NULL ) { + tag = ber_scanf( ber, "v", referralsp ); + + } else { + /* no place to put them so skip 'em */ + tag = ber_scanf( ber, "x" ); + } + } + } + + /* need to clean out misc items */ + if( tag != LBER_ERROR ) { + if( lm->lm_msgtype == LDAP_RES_BIND ) { + /* look for sasl result creditials */ + if ( ber_peek_tag( ber, &len ) == LDAP_TAG_SASL_RES_CREDS ) { + /* skip 'em */ + tag = ber_scanf( ber, "x" ); + } + + } else if( lm->lm_msgtype == LDAP_RES_EXTENDED ) { + /* look for exop result oid or value */ + if ( ber_peek_tag( ber, &len ) == LDAP_TAG_EXOP_RES_OID ) { + /* skip 'em */ + tag = ber_scanf( ber, "x" ); + } + + if ( tag != LBER_ERROR && + ber_peek_tag( ber, &len ) == LDAP_TAG_EXOP_RES_VALUE ) + { + /* skip 'em */ + tag = ber_scanf( ber, "x" ); + } + } + } + + if( tag != LBER_ERROR ) { + int rc = ldap_int_get_controls( ber, serverctrls ); + + if( rc != LDAP_SUCCESS ) { + tag = LBER_ERROR; + } + } + + if( tag != LBER_ERROR ) { + tag = ber_scanf( ber, /*{*/"}" ); + } } - if ( rc == LBER_ERROR ) { - ld->ld_errno = LDAP_DECODING_ERROR; - } else { - ld->ld_errno = (int) along; + + if ( tag == LBER_ERROR ) { + ld->ld_errno = errcode = LDAP_DECODING_ERROR; } - if ( freeit ) + if( ber != NULL ) { + ber_free( ber, 0 ); + } + + /* return */ + if( errcodep != NULL ) { + *errcodep = ld->ld_errno; + } + if ( errcode == LDAP_SUCCESS ) { + if( matcheddnp != NULL ) { + *matcheddnp = LDAP_STRDUP( ld->ld_matched ); + } + if( errmsgp != NULL ) { + *errmsgp = LDAP_STRDUP( ld->ld_error ); + } + + /* Find the next result... */ + for ( lm = lm->lm_chain; lm != NULL; lm = lm->lm_chain ) { + /* skip over entries and references */ + if( lm->lm_msgtype != LDAP_RES_SEARCH_ENTRY && + lm->lm_msgtype != LDAP_RES_SEARCH_REFERENCE && + lm->lm_msgtype != LDAP_RES_EXTENDED_PARTIAL ) + { + /* more results to return */ + errcode = LDAP_MORE_RESULTS_TO_RETURN; + break; + } + } + } + + if ( freeit ) { ldap_msgfree( r ); + } - return( ld->ld_errno ); + return( errcode ); }