[Date Prev][Date Next] [Chronological] [Thread] [Top]

proposal, library error codes for TLS failures

To: openldap-devel@openldap.org
Subject: proposal, library error codes for TLS failures
From: Jan VÄelÃk <jvcelak@redhat.com>
Date: Thu, 12 Apr 2012 18:49:19 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120329 Thunderbird/11.0.1

Hello list.

People from SSSD would like to have a better information when some TLSoperation in OpenLDAP library fails, instead of a generalLDAP_CONNECT_ERROR. I already mentioned it on this list some time ago:

http://www.openldap.org/lists/openldap-devel/201105/msg00011.html

I can write a patch for this, but I would like to discuss it with youbefore.

I already tried something. I added LDAP_TLS_INITIALIZATION_ERROR (-19)and LDAP_TLS_NEGOTIATION_ERROR (-20) API error codes and slightlymodified the TLS code in OpenLDAP to propagate the errors. These two newerror codes are sufficient for SSSD.

Currently I have covered only the code for Mozilla NSS backend and itstill needs some tunings. I would like to know, if adding the errorcodes this way is acceptable. Should I proceed? Or should it be done adifferent way?


Thanks & regards,

Jan

Follow-Ups:
- Re: proposal, library error codes for TLS failures
  - From: Hallvard Breien Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: mdb meta pages
Next by Date: Move DDS-specific schema out of slap_schema?
Index(es):
- Chronological
- Thread