diff options
author | Rob Crittenden <rcritten@redhat.com> | 2011-07-06 10:30:24 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-07-19 20:41:54 -0400 |
commit | 02df85bb2e1e5142285b185803a118f4430dbe1f (patch) | |
tree | a79c8c28a1bc149fbc8d8834bdac2c8022152141 /ipa-client/ipa-join.c | |
parent | e8c7eaf260d4515b9e31e8423d143a1e13e840cb (diff) | |
download | freeipa-02df85bb2e1e5142285b185803a118f4430dbe1f.tar.gz freeipa-02df85bb2e1e5142285b185803a118f4430dbe1f.tar.xz freeipa-02df85bb2e1e5142285b185803a118f4430dbe1f.zip |
Make ipa-client-install error messages more understandable and relevant.
* Check remote LDAP server to see if it is a V2 server
* Replace numeric return values with alphanumeric constants
* Display the error message from the ipa-enrollment extended op
* Remove generic join failed error message when XML-RPC fails
* Don't display Certificate subject base when enrollment fails
* Return proper error message when LDAP bind fails
https://fedorahosted.org/freeipa/ticket/1417
Diffstat (limited to 'ipa-client/ipa-join.c')
-rw-r--r-- | ipa-client/ipa-join.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c index 21c087b6..95f2939c 100644 --- a/ipa-client/ipa-join.c +++ b/ipa-client/ipa-join.c @@ -475,15 +475,9 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha /* Now rebind as the host */ ld = connect_ldap(ipaserver, *binddn, bindpw); if (!ld) { - if (has_principal) { - if (!quiet) - fprintf(stderr, _("Host is already joined.\n")); - rval = 13; - } else { - if (!quiet) - fprintf(stderr, _("Incorrect password.\n")); - rval = 15; - } + if (!quiet) + fprintf(stderr, _("Incorrect password.\n")); + rval = 15; goto done; } @@ -491,13 +485,19 @@ join_ldap(const char *ipaserver, char *hostname, const char ** binddn, const cha valrequest.bv_len = strlen(hostname); if ((rc = ldap_extended_operation_s(ld, JOIN_OID, &valrequest, NULL, NULL, &oidresult, &valresult)) != LDAP_SUCCESS) { + char *s = NULL; +#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE + ldap_get_option(ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, &s); +#else + ldap_get_option(ld, LDAP_OPT_ERROR_STRING, &s); +#endif if (!quiet) - fprintf(stderr, _("principal not found in host entry\n")); + fprintf(stderr, _("Enrollment failed. %s\n"), s); if (debug) { fprintf(stderr, "ldap_extended_operation_s failed: %s", ldap_err2string(rc)); } - rval = 18; + rval = 13; goto ldap_done; } @@ -1003,7 +1003,7 @@ join(const char *server, const char *hostname, const char *bindpw, const char *k } cleanup: - if (NULL != subject && !quiet) + if (NULL != subject && !quiet && rval == 0) fprintf(stderr, _("Certificate subject base is: %s\n"), subject); free((char *)princ); |