[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: tls-related ldap_perror misleading in clients

At 12:48 AM 2001-09-02, Pierangelo Masarati wrote:
>I got a nasty behavior out of the clients when using -ZZ, because I was
>having failure of the tls with reason ": Success". This is because the
>failure occurred in ldap_int_tls_start() which didn't properly set the 
>error in the LDAP structure. So ldap_start_tls_s returns an error code,
>but when the ldap_perror is invoked by the ldap*.c client the string is
>success. I fixed it by using ldap_err2string() instead of ldap_perror 
>(which is deprecated in the code according to a comment); 
>if there's consensus I'll patch all the clients.

For now, this is likely the best solution.  Long term we need to
separate protocol resultCode/errText from API error/errText.  But
I don't see that happening without a complete redesign of the

Anyways, if you patch one tool, please patch them all.