[Date Prev][Date Next]
Re: tls-related ldap_perror misleading in clients
At 12:48 AM 2001-09-02, Pierangelo Masarati wrote:
>I got a nasty behavior out of the clients when using -ZZ, because I was
>having failure of the tls with reason ": Success". This is because the
>failure occurred in ldap_int_tls_start() which didn't properly set the
>error in the LDAP structure. So ldap_start_tls_s returns an error code,
>but when the ldap_perror is invoked by the ldap*.c client the string is
>success. I fixed it by using ldap_err2string() instead of ldap_perror
>(which is deprecated in the code according to a comment);
>if there's consensus I'll patch all the clients.
For now, this is likely the best solution. Long term we need to
separate protocol resultCode/errText from API error/errText. But
I don't see that happening without a complete redesign of the
Anyways, if you patch one tool, please patch them all.