Tony Earnshaw wrote:
> Howard Chu skrev, on 17-02-2008 02:06:
>
>>>> Is there a list available anywhere that gives possible reasons for error
>>>> messages?
>>> Apparently not, as far as OpenLDAP is concerned.
>> Not quite. LDAP error codes are already documented in RFC4511.
>
> Ah. Well, this gives a subset (granted including 32) ... it's debatable
> whether 97, 101, 103 are status codes or error codes - where are they?
"tag=97" is not an error code or a status code. It is a message type tag. Look
in ldap.h for an overview of tag bits and definitions of all the tags used in
LDAP. They're defined in hex in ldap.h, which is why grepping for 97 won't
show it to you. 97 = 0x61, which is a Bind response. You won't find "97" in
the RFC either, instead you find the ASN.1:
BindResponse ::= [APPLICATION 1] SEQUENCE {
COMPONENTS OF LDAPResult,
serverSaslCreds [7] OCTET STRING OPTIONAL }
To really understand the correspondence you need to understand how ASN.1 is
encoded in BER. The "APPLICATION" corresponds to a specific bit (0x40). The
value "1" is simply OR'd in, yielding 0x41. The entity is a structure, not a
simple value, so it gets the Constructed bit, yielding 0x61.
I've often thought that these tags should be logged in hex instead of decimal.
Perhaps it's worth an ITS.
> 1027 [tonni:tru.leerlingen] /usr/share/doc/openldap2.4-doc-2.4.7/rfc $
> grep 103 *<
--
-- Howard Chu
Chief Architect, Symas Corp.
http://www.symas.com Director, Highland Sun
http://highlandsun.com/hyc/ Chief Architect, OpenLDAP
http://www.openldap.org/project/
