[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: internal error -5 in syslog with ldapsearch



more info:
the only time i see -5 (SASL_BADPROT) set as the return value in sasl_getprop() is when the sasl property is SASL_DEFUSERREALM, which  i see this being used in cyrus.c.  ive put in a check after the sasl_getprop call with SASL_DEFUSERREALM to see the return code which is indeed -5.  it sets BADPROT because the sasl coneection type is not SASL_CONN_SERVER
 
the ldap sasl bind obviously must work, even though it cant determine the default user realm from the sasl connection state.
is this nothing to worry about? 
 -----Original Message-----
From: Chapman, Kyle
Sent: Wednesday, February 05, 2003 11:57 AM
To: openldap-software@OpenLDAP.org
Subject: internal error -5 in syslog with ldapsearch

env:
solaris 8
openldap 2.1.12
sasl 2.1.10
openssl-0.9.7
krb5-1.2.7
 
when using ldapsearch with any sasl mech (gssapi, digest-md5) i see the following line in syslog:
ldapsearch[24721]: [ID 702911 auth.notice] Internal Error -5 in common.c near line 630
 
this is from common.c from sasl which is sasl_getprop()
 
the search doesnt fail, and in fact hasnt ever failed because of this internal error, but just logs it.  i would assume the error isnt critical as it doesnt cause the connection to fail, auth to fail or return garbage.  if it is safe to ignore, cool.  or is this an error others have seen before?  i found a sasl (-5) error with kerberos IV but that was causing ldapsearch to not work at all.
 
 
KSC
Network/Systems Engineer
www.g1.com
 
 
Here is a really great OS
www.freebsd.org
 

NOTICE: This E-mail may contain confidential information. If you are not the addressee or the intended recipient please do not read this E-mail and please immediately delete this e-mail message and any attachments from your workstation or network mail system. If you are the addressee or the intended recipient and you save or print a copy of this E-mail, please place it in an appropriate file, depending on whether confidential information is contained in the message.

NOTICE: This E-mail may contain confidential information. If you are not the addressee or the intended recipient please do not read this E-mail and please immediately delete this e-mail message and any attachments from your workstation or network mail system. If you are the addressee or the intended recipient and you save or print a copy of this E-mail, please place it in an appropriate file, depending on whether confidential information is contained in the message.