[fedfs-utils] [PATCH 05/11] libnsdb: Return FEDFS_ERR_NSDB_AUTH when START_TLS fails
Chuck Lever
chuck.lever at oracle.com
Thu Jan 24 10:35:14 PST 2013
Have nsdb_open_nsdb() return the correct error when START_TLS
fails to authenticate the NSDB or establish a secure connection.
Callers were displaying a confusing error message in this case.
Signed-off-by: Chuck Lever <chuck.lever at oracle.com>
---
src/libnsdb/ldap.c | 3 +++
src/nfsref/add.c | 4 ++--
src/nfsref/remove.c | 4 ++--
src/nsdbc/nsdb-annotate.c | 4 ++--
src/nsdbc/nsdb-create-fsl.c | 4 ++--
src/nsdbc/nsdb-create-fsn.c | 4 ++--
src/nsdbc/nsdb-delete-fsl.c | 4 ++--
src/nsdbc/nsdb-delete-fsn.c | 4 ++--
src/nsdbc/nsdb-delete-nsdb.c | 4 ++--
src/nsdbc/nsdb-describe.c | 4 ++--
src/nsdbc/nsdb-list.c | 4 ++--
src/nsdbc/nsdb-nces.c | 4 ++--
src/nsdbc/nsdb-remove-nci.c | 4 ++--
src/nsdbc/nsdb-resolve-fsn.c | 4 ++--
src/nsdbc/nsdb-simple-nce.c | 4 ++--
src/nsdbc/nsdb-update-fsl.c | 4 ++--
src/nsdbc/nsdb-update-nci.c | 4 ++--
17 files changed, 35 insertions(+), 32 deletions(-)
diff --git a/src/libnsdb/ldap.c b/src/libnsdb/ldap.c
index cbd56b6..7247e46 100644
--- a/src/libnsdb/ldap.c
+++ b/src/libnsdb/ldap.c
@@ -620,6 +620,9 @@ nsdb_start_tls(LDAP *ld, const char *certfile, unsigned int *ldap_err)
ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void *)&msg);
xlog(D_GENERAL, "%s: %s", __func__, msg);
ldap_memfree(msg);
+
+ if (rc == LDAP_CONNECT_ERROR)
+ return FEDFS_ERR_NSDB_AUTH;
goto out_ldap_err;
}
diff --git a/src/nfsref/add.c b/src/nfsref/add.c
index 5bac936..87d74aa 100644
--- a/src/nfsref/add.c
+++ b/src/nfsref/add.c
@@ -612,8 +612,8 @@ nfsref_add_nfs_fedfs(const char *junct_path, char **argv, int optind)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- xlog(L_ERROR, "Failed to authenticate to NSDB %s:%u",
- nsdbname, nsdbport);
+ xlog(L_ERROR, "Failed to establish secure connection to "
+ "NSDB %s:%u", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nfsref/remove.c b/src/nfsref/remove.c
index aebd284..b7aae18 100644
--- a/src/nfsref/remove.c
+++ b/src/nfsref/remove.c
@@ -187,8 +187,8 @@ nfsref_remove_delete_fsn(const char *junct_path)
nsdb_hostname(host), nsdb_port(host));
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- xlog(L_ERROR, "Failed to authenticate to NSDB %s:%u",
- nsdb_hostname(host), nsdb_port(host));
+ xlog(L_ERROR, "Failed to establish secure connection "
+ "to NSDB %s:%u", nsdb_hostname(host), nsdb_port(host));
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-annotate.c b/src/nsdbc/nsdb-annotate.c
index 145f857..0c52c94 100644
--- a/src/nsdbc/nsdb-annotate.c
+++ b/src/nsdbc/nsdb-annotate.c
@@ -262,8 +262,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-create-fsl.c b/src/nsdbc/nsdb-create-fsl.c
index 9fb65fc..c75b996 100644
--- a/src/nsdbc/nsdb-create-fsl.c
+++ b/src/nsdbc/nsdb-create-fsl.c
@@ -265,8 +265,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish security connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-create-fsn.c b/src/nsdbc/nsdb-create-fsn.c
index 551f47e..cb6d6d8 100644
--- a/src/nsdbc/nsdb-create-fsn.c
+++ b/src/nsdbc/nsdb-create-fsn.c
@@ -242,8 +242,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-delete-fsl.c b/src/nsdbc/nsdb-delete-fsl.c
index 36d7ae6..871d621 100644
--- a/src/nsdbc/nsdb-delete-fsl.c
+++ b/src/nsdbc/nsdb-delete-fsl.c
@@ -224,8 +224,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-delete-fsn.c b/src/nsdbc/nsdb-delete-fsn.c
index d2ba0f7..dfbba09 100644
--- a/src/nsdbc/nsdb-delete-fsn.c
+++ b/src/nsdbc/nsdb-delete-fsn.c
@@ -226,8 +226,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-delete-nsdb.c b/src/nsdbc/nsdb-delete-nsdb.c
index 8c80ab1..fd32446 100644
--- a/src/nsdbc/nsdb-delete-nsdb.c
+++ b/src/nsdbc/nsdb-delete-nsdb.c
@@ -199,8 +199,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-describe.c b/src/nsdbc/nsdb-describe.c
index 20a841d..2fb12ad 100644
--- a/src/nsdbc/nsdb-describe.c
+++ b/src/nsdbc/nsdb-describe.c
@@ -219,8 +219,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-list.c b/src/nsdbc/nsdb-list.c
index 954d0d5..05367cd 100644
--- a/src/nsdbc/nsdb-list.c
+++ b/src/nsdbc/nsdb-list.c
@@ -289,8 +289,8 @@ again:
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
fprintf(stderr, "Failed to bind to NSDB %s:%u: %s\n",
diff --git a/src/nsdbc/nsdb-nces.c b/src/nsdbc/nsdb-nces.c
index b298b79..d5eca39 100644
--- a/src/nsdbc/nsdb-nces.c
+++ b/src/nsdbc/nsdb-nces.c
@@ -181,8 +181,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
fprintf(stderr, "Failed to bind to NSDB %s:%u: %s\n",
diff --git a/src/nsdbc/nsdb-remove-nci.c b/src/nsdbc/nsdb-remove-nci.c
index 16c0dc5..229ed2a 100644
--- a/src/nsdbc/nsdb-remove-nci.c
+++ b/src/nsdbc/nsdb-remove-nci.c
@@ -194,8 +194,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-resolve-fsn.c b/src/nsdbc/nsdb-resolve-fsn.c
index ab84c50..66b1010 100644
--- a/src/nsdbc/nsdb-resolve-fsn.c
+++ b/src/nsdbc/nsdb-resolve-fsn.c
@@ -349,8 +349,8 @@ again:
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
fprintf(stderr, "Failed to bind to NSDB %s:%u: %s\n",
diff --git a/src/nsdbc/nsdb-simple-nce.c b/src/nsdbc/nsdb-simple-nce.c
index 47a514f..abc0ea8 100644
--- a/src/nsdbc/nsdb-simple-nce.c
+++ b/src/nsdbc/nsdb-simple-nce.c
@@ -194,8 +194,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-update-fsl.c b/src/nsdbc/nsdb-update-fsl.c
index dab318e..f8cddb3 100644
--- a/src/nsdbc/nsdb-update-fsl.c
+++ b/src/nsdbc/nsdb-update-fsl.c
@@ -235,8 +235,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
diff --git a/src/nsdbc/nsdb-update-nci.c b/src/nsdbc/nsdb-update-nci.c
index 18f9f9b..2f61c2e 100644
--- a/src/nsdbc/nsdb-update-nci.c
+++ b/src/nsdbc/nsdb-update-nci.c
@@ -202,8 +202,8 @@ main(int argc, char **argv)
nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_AUTH:
- fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n",
- nsdbname, nsdbport);
+ fprintf(stderr, "Failed to establish secure connection "
+ "to NSDB %s:%u\n", nsdbname, nsdbport);
goto out_free;
case FEDFS_ERR_NSDB_LDAP_VAL:
switch (ldap_err) {
More information about the fedfs-utils-devel
mailing list