On Thu, Apr 13, 2023 at 11:29:34PM +0000, Jordan Brown wrote:
On 4/13/2023 10:36 AM, Quanah Gibson-Mount wrote:
Those are the result codes that are provided to the client per RFC. Feel free to write a new RFC expanding on the result codes.
OpenLDAP could have additional non-RFC features that would allow you to retrieve more error information.
There are dozens of OpenLDAP-specific options. An OpenLDAP-specific option could retrieve additional error information.
So the first question is "does OpenLDAP have such a thing?". It sounds like the answer is "no".
Hi Jordan, AFAIK that's correct: some of what you're asking for depends on the errno, some of it is in TLS code, and very little, if anything, is currently preserved for that kind of use. A pretty comprehensive walk of the codebase might be needed to cover the lot?
In that case, please consider this to be a request for such a feature. Diagnosing LDAP client connection problems is a significant cost; anything that we can do to make it easier would be worthwhile. I would be happy to participate in the design and implementation of such a feature.
Given you've already considered a use case and some of the requirements users might have on this kind of feature, you're welcome to propose one yourself. If it's ready for inclusion in 2.7, that's where it could go. We can assist where you're unsure of the codebase and eventually review.
If you want to go that route, let's move the planning into -devel.
Regards,