scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-31 02:28:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improve error outputs (#8740)

Browse Source 
Makes "ldap operation failed" error messages a little more useful. Also
makes the errors unique so it's easier to debug where an error is coming
from when one occurs.
This commit is contained in:
Michael Golowka
2020-04-14 14:08:07 -06:00
committed by GitHub
parent 1530c05430
commit bc5300d3ea
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
builtin/credential/ldap/backend.go
View File

@@ -93,7 +93,7 @@ func (b *backend) Login(ctx context.Context, req *logical.Request, username stri
if b.Logger().IsDebug() { if b.Logger().IsDebug() {
b.Logger().Debug("error getting user bind DN", "error", err) b.Logger().Debug("error getting user bind DN", "error", err)
} }
return nil, logical.ErrorResponse("ldap operation failed"), nil, nil return nil, logical.ErrorResponse("ldap operation failed: unable to retrieve user bind DN"), nil, nil
} }
if b.Logger().IsDebug() { if b.Logger().IsDebug() {
@@ -110,7 +110,7 @@ func (b *backend) Login(ctx context.Context, req *logical.Request, username stri
if b.Logger().IsDebug() { if b.Logger().IsDebug() {
b.Logger().Debug("ldap bind failed", "error", err) b.Logger().Debug("ldap bind failed", "error", err)
} }
return nil, logical.ErrorResponse("ldap operation failed"), nil, nil return nil, logical.ErrorResponse("ldap operation failed: failed to bind as user"), nil, nil
} }
// We re-bind to the BindDN if it's defined because we assume // We re-bind to the BindDN if it's defined because we assume
@@ -120,7 +120,7 @@ func (b *backend) Login(ctx context.Context, req *logical.Request, username stri
if b.Logger().IsDebug() { if b.Logger().IsDebug() {
b.Logger().Debug("error while attempting to re-bind with the BindDN User", "error", err) b.Logger().Debug("error while attempting to re-bind with the BindDN User", "error", err)
} }
return nil, logical.ErrorResponse("ldap operation failed"), nil, nil return nil, logical.ErrorResponse("ldap operation failed: failed to re-bind with the BindDN user"), nil, nil
} }
if b.Logger().IsDebug() { if b.Logger().IsDebug() {
b.Logger().Debug("re-bound to original binddn") b.Logger().Debug("re-bound to original binddn")
@@ -135,7 +135,7 @@ func (b *backend) Login(ctx context.Context, req *logical.Request, username stri
if cfg.AnonymousGroupSearch { if cfg.AnonymousGroupSearch {
c, err = ldapClient.DialLDAP(cfg.ConfigEntry) c, err = ldapClient.DialLDAP(cfg.ConfigEntry)
if err != nil { if err != nil {
return nil, logical.ErrorResponse("ldap operation failed"), nil, nil return nil, logical.ErrorResponse("ldap operation failed: failed to connect to LDAP server"), nil, nil
} }
defer c.Close() // Defer closing of this connection as the deferal above closes the other defined connection defer c.Close() // Defer closing of this connection as the deferal above closes the other defined connection
} }