19 Feb
2010
19 Feb
'10
1:15 p.m.
Brian A. Seklecki (CFI NOC) wrote:
Steve, I agree:
This error gets printed with "-1" under too many conditions. Just look at: libraries/libldap/tls2.c::ldap_pvt_tls_set_option() RC Return Code -1 could happen in about a dozen places. I think we need to take a two step approach to fixing this: 1) Long term, implement OpenSSL's err(3)What are you talking about? tlso_report_error() already prints the OpenSSL error messages. All OpenSSL error messages have been fully logged, for years.
I think I see the issue: tlso_report_error() uses libldap's Debug(), which does not hit syslog. We only see TLS logs with -d stats.
p.