Bug 1095603

Summary: Any negative error code number reported as Illegal error by ldclt.
Product: Red Hat Enterprise Linux 7 Reporter: Amita Sharma <amsharma>
Component: 389-ds-baseAssignee: Noriko Hosoi <nhosoi>
Status: CLOSED ERRATA QA Contact: Viktor Ashirov <vashirov>
Severity: low Docs Contact:
Priority: low    
Version: 7.0CC: amsharma, nkinder, rmeggins
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: 389-ds-base-1.3.4.0-6.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-11-19 11:42:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Amita Sharma 2014-05-08 06:56:14 UTC 
Description of problem:
Any -ve error code number reported as Illegal error by ldclt.

Version-Release number of selected component (if applicable):
389-ds-base-1.3.1.6-25.el7.x86_64


How reproducible:
Always

Steps to Reproduce:
1. Perform any OpenLDAP operation with ldclt which should give negative error for example 
/usr/bin/ldclt-bin -h dhcp201-149.englab.pnq.redhat.com -p 34004 -e
esearch -e bindeach -e randomauthid -e randomauthidlow=1 -e
randomauthidhigh=9999 -o mech=DIGEST-MD5 -o authid=loginXXXX -w redhat
-s base -b o=saslstress.com -f uid=modify* -V -q -E 10004 -n 10 -N
20000 -T 1000 -W 2

2. It will give ldclt[12170]: Illegal error number -6 in SASL

Actual results:
ldclt[12170]: Illegal error number -6 in SASL

Expected results:
It should report better error message.

More Info::(By Nathan)
Negative LDAP errors are local (client-side) errors in OpenLDAP.  Here
is how -6 is defined:

--------------------------------------------------------------
#define LDAP_AUTH_UNKNOWN                               (-6)
--------------------------------------------------------------

In mozldap, there were no negative error codes at all.  It might be that
ldclt doesn't expect a negative code, and reports a poor error message
when it encounters it.  This error code could be returned if an unknown
SASL mechanism was attempted (though I haven't confirmed this).

There is a minor ldclt bug in that it should expect that negative error
codes could be encountered.  This code is the culprit:

----------------------------------------------------------------
  /*
   * Update the counters
   */
  if ((err <= 0) || (err >= MAX_ERROR_NB))
  {
    fprintf (stderr, "ldclt[%d]: Illegal error number %d\n", mctx.pid, err);
    fflush (stderr);
    mctx.errorsBad++;
  }
----------------------------------------------------------------
Comment 2 Noriko Hosoi 2014-05-09 20:00:16 UTC 
Upstream ticket:
https://fedorahosted.org/389/ticket/47799
Comment 5 Amita Sharma 2015-09-01 09:31:42 UTC 
No more illegal error notification, I could see ::
=====================================================
dclt[10280]: Global average rate:   68.80/thr  (  3.82/sec), total:    344
ldclt[10280]: Global number times "no activity" reports: never
ldclt[10280]: Global number of dead threads: 1
ldclt[10280]: Global error -6 (Unknown authentication method) occurs     1 times
Catch SIGINT - exit...
ldclt[10280]: Ending at Tue Sep  1 14:52:11 2015
ldclt[10280]: Exit status 0 - No problem during execution.


[root@dhcp201-167 ~]# rpm -qa | grep 389
389-ds-base-devel-1.3.4.0-14.el7.x86_64
389-ds-base-libs-1.3.4.0-14.el7.x86_64
389-ds-base-debuginfo-1.3.4.0-14.el7.x86_64
389-ds-base-1.3.4.0-14.el7.x86_64

Hence marking bug as VERIFIED.
Comment 6 errata-xmlrpc 2015-11-19 11:42:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-2351.html