From b245f644adfc738076c8ff0cbcd5539961d808f1 Mon Sep 17 00:00:00 2001
From: jmatthew
Date: Mon, 22 Aug 2022 10:10:59 +0000
Subject: [PATCH] log connect, TLS and bind errors more prominently
---
 usr.sbin/ypldap/ldapclient.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/usr.sbin/ypldap/ldapclient.c b/usr.sbin/ypldap/ldapclient.c
index 534f2d7c730..ea1915d687f 100644
--- a/usr.sbin/ypldap/ldapclient.c
+++ b/usr.sbin/ypldap/ldapclient.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ldapclient.c,v 1.44 2022/02/05 22:59:58 naddy Exp $ */
+/* $OpenBSD: ldapclient.c,v 1.45 2022/08/22 10:10:59 jmatthew Exp $ */
 /*
 * Copyright (c) 2008 Alexander Schrijver
@@ -83,7 +83,7 @@ client_aldap_open(struct ypldap_addr_list *addr)
 if (connect(fd, sa, SA_LEN(sa)) == 0)
 break;
- warn("connect to %s port %s (%s) failed", hbuf, sbuf, "tcp");
+ log_warn("connect to %s port %s failed", hbuf, sbuf);
 close(fd);
 fd = -1;
 }
@@ -625,12 +625,15 @@ client_try_idm(struct env *env, struct idm *idm)
 if (aldap_tls(al, idm->idm_tls_config, idm->idm_name) < 0) {
 const char *err;
 aldap_get_errno(al, &err);
- log_debug("tls failed: %s", err);
+ log_warnx("TLS handshake with %s failed: %s",
+ idm->idm_name, err);
 goto bad;
 }
 }
 if (idm->idm_flags & F_NEEDAUTH) {
+ int rc;
+
 where = "binding";
 if (aldap_bind(al, idm->idm_binddn, idm->idm_bindcred) == -1)
 goto bad;
@@ -643,6 +646,14 @@ client_try_idm(struct env *env, struct idm *idm)
 aldap_freemsg(m);
 goto bad;
 }
+ where = "bind response";
+ rc = aldap_get_resultcode(m);
+ if (rc != LDAP_SUCCESS) {
+ log_warnx("LDAP bind with %s failed: result code %d",
+ idm->idm_name, rc);
+ aldap_freemsg(m);
+ goto bad;
+ }
 aldap_freemsg(m);
 }
--
2.20.1
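Review bot: In the TLS failure branch of the first client_try_idm hunk, `err` is declared without an initialiser and passed to `%s` right after `aldap_get_errno(al, &err)`, whose contract is not visible in this hunk. If that call can leave `err` unset or store NULL (libtls' tls_error() may return NULL when no message is recorded), the newly promoted warning formats an invalid pointer. Initialising the variable and guarding the argument keeps the message safe: `const char *err = NULL;` and `idm->idm_name, err != NULL ? err : "unknown error");`. The function body starts and ends outside the hunk.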
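Review bot: The bind-result check added in the second client_try_idm hunk has no comment saying why a non-success result must abort, and the reason is security-relevant: under LDAP a rejected bind leaves the connection anonymous, so carrying on would run the directory searches without the configured identity. I would add above `rc = aldap_get_resultcode(m);` the comment `/* a rejected bind leaves the session anonymous; never search with it */`. The warning also names only the server and a numeric result code; including `idm->idm_binddn` (never `idm_bindcred`) would tell the operator which identity was rejected. The function body starts and ends outside the hunk, so what the `bad` label reports with `where` is not visible here.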