
Bug 691313 - Need TLS/SSL error messages in repl status and errors log

When an error is encountered during the bind operation in the
beginning of a replication session, the error is only logged
at the fatal level the first time it is encountered.  If replication
level logging is turned on, it can be easy to miss the error the
first time, so the subsequent debug logging is not very useful.

This patch makes us log repeated bind errors at the replication log
level only.  The first time an error is encountered, it will still
be logged at the fatal level.
Nathan Kinder 14 سال پیش
والد
کامیت
a24d9cca5f
2فایلهای تغییر یافته به همراه22 افزوده شده و 2 حذف شده
  1. 11 1
      ldap/servers/plugins/replication/repl5_connection.c
  2. 11 1
      ldap/servers/plugins/replication/windows_connection.c

+ 11 - 1
ldap/servers/plugins/replication/repl5_connection.c

@@ -1799,7 +1799,8 @@ bind_and_check_pwp(Repl_Connection *conn, char * binddn, char *password)
 	else 
 	{
 		ldap_controls_free( ctrls );
-		/* Do not report the same error over and over again */
+		/* Do not report the same error over and over again
+		 * unless replication level logging is enabled. */
 		if (conn->last_ldap_error != rc)
 		{
 			char *errmsg = NULL;
@@ -1811,6 +1812,15 @@ bind_and_check_pwp(Repl_Connection *conn, char * binddn, char *password)
 							agmt_get_long_name(conn->agmt),
 							mech ? mech : "SIMPLE", rc,
 							ldap_err2string(rc), errmsg);
+		} else {
+			char *errmsg = NULL;
+			/* errmsg is a pointer directly into the ld structure - do not free */
+			rc = slapi_ldap_get_lderrno( ld, NULL, &errmsg );
+			slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
+							"%s: Replication bind with %s auth failed: LDAP error %d (%s) (%s)\n",
+							agmt_get_long_name(conn->agmt),
+							mech ? mech : "SIMPLE", rc,
+							ldap_err2string(rc), errmsg);
 		}
 
 		return (CONN_OPERATION_FAILED);
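Review bot: In the added else branch, `errmsg` is passed to a `%s` conversion without a NULL check, and it is initialised to NULL just above, which suggests slapi_ldap_get_lderrno may leave it unset when the peer sent no diagnostic text. Guarding the argument, for example `errmsg ? errmsg : ""`, would avoid depending on how the logger treats a null string. The text also comes from the remote server, so if slapi_log_error does not escape control characters (not visible here), a short comment saying the string is peer-controlled would help anyone who parses the errors log. The same lines are added in windows_connection.c, and the first-time branch whose log call ends at the top of this hunk appears to pass errmsg the same way. bind_and_check_pwp starts and ends outside the hunk.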

+ 11 - 1
ldap/servers/plugins/replication/windows_connection.c

@@ -1802,7 +1802,8 @@ bind_and_check_pwp(Repl_Connection *conn, char * binddn, char *password)
 	else 
 	{
 		ldap_controls_free( ctrls );
-		/* Do not report the same error over and over again */
+		/* Do not report the same error over and over again
+		 * unless replication level logging is enabled. */
 		if (conn->last_ldap_error != rc)
 		{
 			char *errmsg = NULL;
@@ -1814,6 +1815,15 @@ bind_and_check_pwp(Repl_Connection *conn, char * binddn, char *password)
 							agmt_get_long_name(conn->agmt),
 							mech ? mech : "SIMPLE", rc,
 							ldap_err2string(rc), errmsg);
+		} else {
+			char *errmsg = NULL;
+			/* errmsg is a pointer directly into the ld structure - do not free */
+			rc = slapi_ldap_get_lderrno( ld, NULL, &errmsg );
+			slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
+							"%s: Replication bind with %s auth failed: LDAP error %d (%s) (%s)\n",
+							agmt_get_long_name(conn->agmt),
+							mech ? mech : "SIMPLE", rc,
+							ldap_err2string(rc), errmsg);
 		}
 
 		LDAPDebug( LDAP_DEBUG_TRACE, "<= bind_and_check_pwp - CONN_OPERATION_FAILED\n", 0, 0, 0 );
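Review bot: The else block added here is a line-for-line copy of the one added to repl5_connection.c, and in the visible lines it differs from the branch above it only in the log level passed to slapi_log_error. Assuming the first branch logs with SLAPI_LOG_FATAL, as the commit message says, the level could be chosen once with `int level = (conn->last_ldap_error != rc) ? SLAPI_LOG_FATAL : SLAPI_LOG_REPL;`, followed by a single slapi_ldap_get_lderrno/slapi_log_error sequence, so the two messages cannot drift apart. Anything else the first branch does between the two hunks (not shown) would stay under the existing `if`. Note also that `rc` is reassigned after the `conn->last_ldap_error != rc` comparison, so the logged code is the one read back from `ld`. A comment such as `/* rc now reflects ld's stored error, not the bind return value */` would make that explicit.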