From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Thu, 17 Aug 2023 21:17:13 +0000 (-0600)
Subject: ldap: Print why URI parsing failed
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0e43f6cde8b6655a7128b9f81fca292ed2e1418d;p=thirdparty%2Ffreeradius-server.git

ldap: Print why URI parsing failed
---

diff --git a/src/lib/ldap/base.h b/src/lib/ldap/base.h
index 28f12a9e669..56929b383ff 100644
--- a/src/lib/ldap/base.h
+++ b/src/lib/ldap/base.h
@@ -945,6 +945,8 @@ int		fr_ldap_server_url_check(fr_ldap_config_t *handle_config, char const *serve
 
 int		fr_ldap_server_config_check(fr_ldap_config_t *handle_config, char const *server, CONF_SECTION *cs);
 
+void		*fr_ldap_url_err_to_str(int ldap_url_err)
+
 /*
  *	referral.c - Handle LDAP referrals
  */
diff --git a/src/lib/ldap/util.c b/src/lib/ldap/util.c
index 9868bfe4556..a4763abab85 100644
--- a/src/lib/ldap/util.c
+++ b/src/lib/ldap/util.c
@@ -708,3 +708,48 @@ int fr_ldap_server_config_check(fr_ldap_config_t *handle_config, char const *ser
 						       (int)len, server, port);
 	return 0;
 }
+
+/** Translate the error code emitted from ldap_url_parse and friends into something accessible with fr_strerror()
+ *
+ * @param[in] ldap_url_err	The error code returned
+ */
+void *fr_ldap_url_err_to_str(int ldap_url_err)
+{
+	switch (ldap_url_err) {
+	case LDAP_URL_SUCCESS:
+		return "success";
+
+	case LDAP_URL_ERR_MEM:
+		return "no memory";
+
+	case LDAP_URL_ERR_PARAM:
+		return "parameter is bad";
+
+	case LDAP_URL_ERR_BADSCHEME:
+		return "URL doesn't begin with \"[c]ldap[si]://\"";
+
+	case LDAP_URL_ERR_BADENCLOSURE:
+		return "URL is missing trailing \">\"";
+
+	case LDAP_URL_ERR_BADURL:
+		return "URL is bad";
+
+	case LDAP_URL_ERR_BADHOST:
+		return "host/port is bad";
+
+	case LDAP_URL_ERR_BADATTRS:
+		return "bad (or missing) attributes";
+
+	case LDAP_URL_ERR_BADSCOPE:
+		return "scope string is invalid (or missing)";
+
+	case LDAP_URL_ERR_BADFILTER:
+		return "bad or missing filter";
+
+	case LDAP_URL_ERR_BADEXTS:
+		return "bad or missing extensions";
+
+	default:
+		return "unknown reason";
+	}
+}
diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index d8b98b80f16..6160cf534fe 100644
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -576,6 +576,7 @@ static xlat_action_t ldap_xlat(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
 	fr_ldap_query_t		*query = NULL;
 
 	LDAPURLDesc		*ldap_url;
+	int			ldap_url_ret;
 
 	XLAT_ARGS(in, &uri_components);
 
@@ -597,8 +598,9 @@ static xlat_action_t ldap_xlat(UNUSED TALLOC_CTX *ctx, UNUSED fr_dcursor_t *out,
 		return XLAT_ACTION_FAIL;
 	}
 
-	if (ldap_url_parse(uri->vb_strvalue, &ldap_url)){
-		REDEBUG("Parsing LDAP URL failed");
+	ldap_url_ret = ldap_url_parse(uri->vb_strvalue, &ldap_url);
+	if (ldap_url_ret != LDAP_URL_SUCCESS){
+		RPEDEBUG("Parsing LDAP URL failed - %s", fr_ldap_url_err_to_str(ldap_url_ret));
 	error:
 		ldap_free_urldesc(ldap_url);
 		talloc_free(query);
@@ -1012,6 +1014,7 @@ static unlang_action_t mod_map_proc(rlm_rcode_t *p_result, void *mod_inst, UNUSE
 	fr_ldap_thread_t	*thread = talloc_get_type_abort(module_rlm_thread_by_data(inst)->data, fr_ldap_thread_t);
 
 	LDAPURLDesc		*ldap_url;
+	int			ldap_url_ret;
 	char const 		*url_str;
 
 	fr_ldap_thread_trunk_t	*ttrunk;
@@ -1045,8 +1048,9 @@ static unlang_action_t mod_map_proc(rlm_rcode_t *p_result, void *mod_inst, UNUSE
 	talloc_set_destructor(map_ctx, map_ctx_free);
 	map_ctx->maps = maps;
 
-	if (ldap_url_parse(url_str, &map_ctx->ldap_url)){
-		REDEBUG("Parsing LDAP URL failed");
+	ldap_url_ret = ldap_url_parse(url_str, &map_ctx->ldap_url);
+	if (ldap_url_ret != LDAP_URL_SUCCESS){
+		RPEDEBUG("Parsing LDAP URL failed - %s", fr_ldap_url_err_to_str(ldap_url_ret));
 	fail:
 		talloc_free(map_ctx);
 		RETURN_MODULE_FAIL;