Have nsdb_open_nsdb() return the correct error when START_TLS fails to authenticate the NSDB or establish a secure connection.
Callers were displaying a confusing error message in this case. Signed-off-by: Chuck Lever <[email protected]> --- src/libnsdb/ldap.c | 3 +++ src/nfsref/add.c | 4 ++-- src/nfsref/remove.c | 4 ++-- src/nsdbc/nsdb-annotate.c | 4 ++-- src/nsdbc/nsdb-create-fsl.c | 4 ++-- src/nsdbc/nsdb-create-fsn.c | 4 ++-- src/nsdbc/nsdb-delete-fsl.c | 4 ++-- src/nsdbc/nsdb-delete-fsn.c | 4 ++-- src/nsdbc/nsdb-delete-nsdb.c | 4 ++-- src/nsdbc/nsdb-describe.c | 4 ++-- src/nsdbc/nsdb-list.c | 4 ++-- src/nsdbc/nsdb-nces.c | 4 ++-- src/nsdbc/nsdb-remove-nci.c | 4 ++-- src/nsdbc/nsdb-resolve-fsn.c | 4 ++-- src/nsdbc/nsdb-simple-nce.c | 4 ++-- src/nsdbc/nsdb-update-fsl.c | 4 ++-- src/nsdbc/nsdb-update-nci.c | 4 ++-- 17 files changed, 35 insertions(+), 32 deletions(-) diff --git a/src/libnsdb/ldap.c b/src/libnsdb/ldap.c index cbd56b6..7247e46 100644 --- a/src/libnsdb/ldap.c +++ b/src/libnsdb/ldap.c @@ -620,6 +620,9 @@ nsdb_start_tls(LDAP *ld, const char *certfile, unsigned int *ldap_err) ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void *)&msg); xlog(D_GENERAL, "%s: %s", __func__, msg); ldap_memfree(msg); + + if (rc == LDAP_CONNECT_ERROR) + return FEDFS_ERR_NSDB_AUTH; goto out_ldap_err; } diff --git a/src/nfsref/add.c b/src/nfsref/add.c index 5bac936..87d74aa 100644 --- a/src/nfsref/add.c +++ b/src/nfsref/add.c @@ -612,8 +612,8 @@ nfsref_add_nfs_fedfs(const char *junct_path, char **argv, int optind) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - xlog(L_ERROR, "Failed to authenticate to NSDB %s:%u", - nsdbname, nsdbport); + xlog(L_ERROR, "Failed to establish secure connection to " + "NSDB %s:%u", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nfsref/remove.c b/src/nfsref/remove.c index aebd284..b7aae18 100644 --- a/src/nfsref/remove.c +++ b/src/nfsref/remove.c @@ -187,8 +187,8 @@ nfsref_remove_delete_fsn(const char *junct_path) nsdb_hostname(host), nsdb_port(host)); goto out_free; case FEDFS_ERR_NSDB_AUTH: - xlog(L_ERROR, "Failed to authenticate to NSDB %s:%u", - nsdb_hostname(host), nsdb_port(host)); + xlog(L_ERROR, "Failed to establish secure connection " + "to NSDB %s:%u", nsdb_hostname(host), nsdb_port(host)); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-annotate.c b/src/nsdbc/nsdb-annotate.c index 145f857..0c52c94 100644 --- a/src/nsdbc/nsdb-annotate.c +++ b/src/nsdbc/nsdb-annotate.c @@ -262,8 +262,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-create-fsl.c b/src/nsdbc/nsdb-create-fsl.c index 9fb65fc..c75b996 100644 --- a/src/nsdbc/nsdb-create-fsl.c +++ b/src/nsdbc/nsdb-create-fsl.c @@ -265,8 +265,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish security connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-create-fsn.c b/src/nsdbc/nsdb-create-fsn.c index 551f47e..cb6d6d8 100644 --- a/src/nsdbc/nsdb-create-fsn.c +++ b/src/nsdbc/nsdb-create-fsn.c @@ -242,8 +242,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-delete-fsl.c b/src/nsdbc/nsdb-delete-fsl.c index 36d7ae6..871d621 100644 --- a/src/nsdbc/nsdb-delete-fsl.c +++ b/src/nsdbc/nsdb-delete-fsl.c @@ -224,8 +224,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-delete-fsn.c b/src/nsdbc/nsdb-delete-fsn.c index d2ba0f7..dfbba09 100644 --- a/src/nsdbc/nsdb-delete-fsn.c +++ b/src/nsdbc/nsdb-delete-fsn.c @@ -226,8 +226,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-delete-nsdb.c b/src/nsdbc/nsdb-delete-nsdb.c index 8c80ab1..fd32446 100644 --- a/src/nsdbc/nsdb-delete-nsdb.c +++ b/src/nsdbc/nsdb-delete-nsdb.c @@ -199,8 +199,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-describe.c b/src/nsdbc/nsdb-describe.c index 20a841d..2fb12ad 100644 --- a/src/nsdbc/nsdb-describe.c +++ b/src/nsdbc/nsdb-describe.c @@ -219,8 +219,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-list.c b/src/nsdbc/nsdb-list.c index 954d0d5..05367cd 100644 --- a/src/nsdbc/nsdb-list.c +++ b/src/nsdbc/nsdb-list.c @@ -289,8 +289,8 @@ again: nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: fprintf(stderr, "Failed to bind to NSDB %s:%u: %s\n", diff --git a/src/nsdbc/nsdb-nces.c b/src/nsdbc/nsdb-nces.c index b298b79..d5eca39 100644 --- a/src/nsdbc/nsdb-nces.c +++ b/src/nsdbc/nsdb-nces.c @@ -181,8 +181,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: fprintf(stderr, "Failed to bind to NSDB %s:%u: %s\n", diff --git a/src/nsdbc/nsdb-remove-nci.c b/src/nsdbc/nsdb-remove-nci.c index 16c0dc5..229ed2a 100644 --- a/src/nsdbc/nsdb-remove-nci.c +++ b/src/nsdbc/nsdb-remove-nci.c @@ -194,8 +194,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-resolve-fsn.c b/src/nsdbc/nsdb-resolve-fsn.c index ab84c50..66b1010 100644 --- a/src/nsdbc/nsdb-resolve-fsn.c +++ b/src/nsdbc/nsdb-resolve-fsn.c @@ -349,8 +349,8 @@ again: nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: fprintf(stderr, "Failed to bind to NSDB %s:%u: %s\n", diff --git a/src/nsdbc/nsdb-simple-nce.c b/src/nsdbc/nsdb-simple-nce.c index 47a514f..abc0ea8 100644 --- a/src/nsdbc/nsdb-simple-nce.c +++ b/src/nsdbc/nsdb-simple-nce.c @@ -194,8 +194,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-update-fsl.c b/src/nsdbc/nsdb-update-fsl.c index dab318e..f8cddb3 100644 --- a/src/nsdbc/nsdb-update-fsl.c +++ b/src/nsdbc/nsdb-update-fsl.c @@ -235,8 +235,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { diff --git a/src/nsdbc/nsdb-update-nci.c b/src/nsdbc/nsdb-update-nci.c index 18f9f9b..2f61c2e 100644 --- a/src/nsdbc/nsdb-update-nci.c +++ b/src/nsdbc/nsdb-update-nci.c @@ -202,8 +202,8 @@ main(int argc, char **argv) nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_AUTH: - fprintf(stderr, "Failed to authenticate to NSDB %s:%u\n", - nsdbname, nsdbport); + fprintf(stderr, "Failed to establish secure connection " + "to NSDB %s:%u\n", nsdbname, nsdbport); goto out_free; case FEDFS_ERR_NSDB_LDAP_VAL: switch (ldap_err) { _______________________________________________ fedfs-utils-devel mailing list [email protected] https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
