[Pkg-nagios-devel] Bug#425137: Bug#425137: check_ldap fails to report actual LDAP errors

Thu Oct 15 19:46:28 UTC 2009

Hi Josip,

checking old bugs, I stumbled upon this.

On Saturday, 19. May 2007, Josip Rodin wrote:
> The check_ldap plugin does this:
> 
> % /usr/lib/nagios/plugins/check_ldap -H '<validip>' -b '<validdn>'
> Could not bind to the ldap-server
> 
> Whereas, tethereal reveals that the message received was:
> 
> Lightweight Directory Access Protocol
>     LDAP Message, Bind Result
>         Message Id: 1
>         Message Type: Bind Result (0x01)
>         Message Length: 64
>         Response To: 4
>         Time: 0.000067000 seconds
>         Result Code: protocolError (0x02)
>         Matched DN: (null)
>         Error Message: historical protocol version requested, use LDAPv3
>  instead
> 
> Now, why didn't check_ldap communicate that? Because it has this
> in the code (plugins/check_ldap.c):
> 
>         /* bind to the ldap server */
>         if (ldap_bind_s (ld, ld_binddn, ld_passwd, LDAP_AUTH_SIMPLE) !=
>                         LDAP_SUCCESS) {
>                 /*ldap_perror(ld, "ldap_bind"); */
>                 printf (_("Could not bind to the ldap-server\n"));
>                 return STATE_CRITICAL;
>         }
> 
> How hard was it to put that ldap_perror() string in the printf'ed
> error message? :(
> 
> A quick grep for ldap_perror shows that there are other occurences of the
> same problem in the same file.

looking into the actual code and into the git tree, indicates, that there 
should be changes about this issue. With 1.4.10 should be introduced[1] a 
verbose option, which looks like what you want. Can you please have a look 
into it and give feedback.

Thanks and with kind regards, Jan.
[1] 
http://repo.or.cz/w/nagiosplugins.git?a=commitdiff;h=5d11612ecb23c6496d8faaedbcc1b9371628be53
-- 
Never write mail to <waja at spamfalle.info>, you have been warned!
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT d-- s+: a- C+++ UL++++ P+ L+++ E- W+++ N+++ o++ K++ w--- O M V- PS PE
Y++ PGP++ t-- 5 X R tv- b+ DI- D++ G++ e++ h-- r+++ y+++
------END GEEK CODE BLOCK------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-nagios-devel/attachments/20091015/899b761b/attachment.pgp>