{
int rc;
- Debug( LDAP_DEBUG_TRACE, "ldap_abandon_ext %d\n", msgid, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "ldap_abandon_ext %d\n", msgid );
/* check client controls */
LDAP_MUTEX_LOCK( &ld->ld_req_mutex );
int
ldap_abandon( LDAP *ld, int msgid )
{
- Debug( LDAP_DEBUG_TRACE, "ldap_abandon %d\n", msgid, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "ldap_abandon %d\n", msgid );
return ldap_abandon_ext( ld, msgid, NULL, NULL ) == LDAP_SUCCESS
? 0 : -1;
}
Sockbuf *sb;
LDAPRequest *lr;
- Debug( LDAP_DEBUG_TRACE, "do_abandon origid %d, msgid %d\n",
- origid, msgid, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "do_abandon origid %d, msgid %d\n",
+ origid, msgid );
/* find the request that we are abandoning */
start_again:;
int rc;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_add_ext\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_add_ext\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( dn != NULL );
int
ldap_bind( LDAP *ld, LDAP_CONST char *dn, LDAP_CONST char *passwd, int authmethod )
{
- Debug( LDAP_DEBUG_TRACE, "ldap_bind\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_bind\n" );
switch ( authmethod ) {
case LDAP_AUTH_SIMPLE:
LDAP_CONST char *passwd,
int authmethod )
{
- Debug( LDAP_DEBUG_TRACE, "ldap_bind_s\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_bind_s\n" );
switch ( authmethod ) {
case LDAP_AUTH_SIMPLE:
BerElement *ber;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_compare\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_compare\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
sprintf( version, "%u.%d.%d", (unsigned)rc >> 24, (rc >> 16) & 0xff,
rc & 0xffff );
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"ldap_int_sasl_init: SASL library version mismatch:"
" expected " SASL_VERSION_STRING ","
- " got %s\n", version, 0, 0 );
+ " got %s\n", version );
return -1;
}
}
return ld->ld_errno;
}
- Debug( LDAP_DEBUG_TRACE, "ldap_int_sasl_open: host=%s\n",
- host, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "ldap_int_sasl_open: host=%s\n",
+ host );
lc->lconn_sasl_authctx = ctx;
int saslrc, rc;
unsigned credlen;
- Debug( LDAP_DEBUG_TRACE, "ldap_int_sasl_bind: %s\n",
- mechs ? mechs : "<null>", 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "ldap_int_sasl_bind: %s\n",
+ mechs ? mechs : "<null>" );
/* do a quick !LDAPv3 check... ldap_sasl_bind will do the rest. */
if (ld->ld_version < LDAP_VERSION3) {
if ( rc != LDAP_SUCCESS && rc != LDAP_SASL_BIND_IN_PROGRESS ) {
if( scred ) {
/* and server provided us with data? */
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"ldap_int_sasl_bind: rc=%d len=%ld\n",
- rc, scred ? (long) scred->bv_len : -1L, 0 );
+ rc, scred ? (long) scred->bv_len : -1L );
ber_bvfree( scred );
scred = NULL;
}
do {
if( ! scred ) {
/* no data! */
- Debug( LDAP_DEBUG_TRACE,
- "ldap_int_sasl_bind: no data in step!\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE,
+ "ldap_int_sasl_bind: no data in step!\n" );
}
saslrc = sasl_client_step( ctx,
(SASL_CONST char **)&ccred.bv_val,
&credlen );
- Debug( LDAP_DEBUG_TRACE, "sasl_client_step: %d\n",
- saslrc, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "sasl_client_step: %d\n",
+ saslrc );
if( saslrc == SASL_INTERACT ) {
int res;
BerElement *ber;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_delete_ext\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_delete_ext\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
* DelRequest ::= DistinguishedName,
*/
- Debug( LDAP_DEBUG_TRACE, "ldap_delete\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_delete\n" );
return ldap_delete_ext( ld, dn, NULL, NULL, &msgid ) == LDAP_SUCCESS
? msgid : -1 ;
{
char *m;
- Debug( LDAP_DEBUG_TRACE, "ldap_err2string\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_err2string\n" );
switch ( err ) {
# define C(code, message) case code: m = message; break
ber_tag_t tag;
BerElement *ber;
- Debug( LDAP_DEBUG_TRACE, "ldap_parse_result\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_parse_result\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
BerElement *ber;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_extended_operation\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_extended_operation\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
int msgid;
LDAPMessage *res;
- Debug( LDAP_DEBUG_TRACE, "ldap_extended_operation_s\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_extended_operation_s\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
assert( LDAP_VALID( ld ) );
assert( res != NULL );
- Debug( LDAP_DEBUG_TRACE, "ldap_parse_extended_result\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_parse_extended_result\n" );
if( ld->ld_version < LDAP_VERSION3 ) {
ld->ld_errno = LDAP_NOT_SUPPORTED;
assert( LDAP_VALID( ld ) );
assert( res != NULL );
- Debug( LDAP_DEBUG_TRACE, "ldap_parse_intermediate\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_parse_intermediate\n" );
if( ld->ld_version < LDAP_VERSION3 ) {
ld->ld_errno = LDAP_NOT_SUPPORTED;
* Note: tags in a CHOICE are always explicit
*/
- Debug( LDAP_DEBUG_TRACE, "put_filter: \"%s\"\n", str_in, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "put_filter: \"%s\"\n", str_in );
freeme = LDAP_STRDUP( str_in );
if( freeme == NULL ) return LDAP_NO_MEMORY;
switch ( *str ) {
case '&':
- Debug( LDAP_DEBUG_TRACE, "put_filter: AND\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_filter: AND\n" );
str = put_complex_filter( ber, str,
LDAP_FILTER_AND, 0 );
break;
case '|':
- Debug( LDAP_DEBUG_TRACE, "put_filter: OR\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_filter: OR\n" );
str = put_complex_filter( ber, str,
LDAP_FILTER_OR, 0 );
break;
case '!':
- Debug( LDAP_DEBUG_TRACE, "put_filter: NOT\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_filter: NOT\n" );
str = put_complex_filter( ber, str,
LDAP_FILTER_NOT, 0 );
goto done;
default:
- Debug( LDAP_DEBUG_TRACE, "put_filter: simple\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_filter: simple\n" );
balance = 1;
escape = 0;
break;
case /*'('*/ ')':
- Debug( LDAP_DEBUG_TRACE, "put_filter: end\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_filter: end\n" );
if ( ber_printf( ber, /*"["*/ "]" ) == -1 ) {
rc = -1;
goto done;
break;
default: /* assume it's a simple type=value filter */
- Debug( LDAP_DEBUG_TRACE, "put_filter: default\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_filter: default\n" );
next = strchr( str, '\0' );
if ( put_simple_filter( ber, str ) == -1 ) {
rc = -1;
char *next = NULL;
char save;
- Debug( LDAP_DEBUG_TRACE, "put_filter_list \"%s\"\n",
- str, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "put_filter_list \"%s\"\n",
+ str );
while ( *str ) {
while ( *str && LDAP_SPACE( (unsigned char) *str ) ) {
ber_tag_t ftype;
int rc = -1;
- Debug( LDAP_DEBUG_TRACE, "put_simple_filter: \"%s\"\n",
- str, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "put_simple_filter: \"%s\"\n",
+ str );
str = LDAP_STRDUP( str );
if( str == NULL ) return -1;
int gotstar = 0;
ber_tag_t ftype = LDAP_FILTER_SUBSTRINGS;
- Debug( LDAP_DEBUG_TRACE, "put_substring_filter \"%s=%s\"\n",
- type, val, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "put_substring_filter \"%s=%s\"\n",
+ type, val );
if ( ber_printf( ber, "t{s{" /*"}}"*/, ftype, type ) == -1 ) {
return -1;
* (Source: RFC 3876)
*/
- Debug( LDAP_DEBUG_TRACE, "put_vrFilter: \"%s\"\n", str_in, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "put_vrFilter: \"%s\"\n", str_in );
freeme = LDAP_STRDUP( str_in );
if( freeme == NULL ) return LDAP_NO_MEMORY;
default:
- Debug( LDAP_DEBUG_TRACE, "put_vrFilter: simple\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_vrFilter: simple\n" );
balance = 1;
escape = 0;
break;
case /*'('*/ ')':
- Debug( LDAP_DEBUG_TRACE, "put_vrFilter: end\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_vrFilter: end\n" );
if ( ber_printf( ber, /*"["*/ "]" ) == -1 ) {
rc = -1;
goto done;
break;
default: /* assume it's a simple type=value filter */
- Debug( LDAP_DEBUG_TRACE, "put_vrFilter: default\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "put_vrFilter: default\n" );
next = strchr( str, '\0' );
if ( put_simple_vrFilter( ber, str ) == -1 ) {
rc = -1;
char *next = NULL;
char save;
- Debug( LDAP_DEBUG_TRACE, "put_vrFilter_list \"%s\"\n",
- str, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "put_vrFilter_list \"%s\"\n",
+ str );
while ( *str ) {
while ( *str && LDAP_SPACE( (unsigned char) *str ) ) {
ber_tag_t ftype;
int rc = -1;
- Debug( LDAP_DEBUG_TRACE, "put_simple_vrFilter: \"%s\"\n",
- str, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "put_simple_vrFilter: \"%s\"\n",
+ str );
str = LDAP_STRDUP( str );
if( str == NULL ) return -1;
char *attr;
BerElement *ber;
- Debug( LDAP_DEBUG_TRACE, "ldap_first_attribute\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_first_attribute\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
ber_tag_t tag;
char *attr;
- Debug( LDAP_DEBUG_TRACE, "ldap_next_attribute\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_next_attribute\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
ber_tag_t tag;
int rc = LDAP_SUCCESS;
- Debug( LDAP_DEBUG_TRACE, "ldap_get_attribute_ber\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_get_attribute_ber\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
char *dn;
BerElement tmp;
- Debug( LDAP_DEBUG_TRACE, "ldap_get_dn\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_get_dn\n" );
assert( ld != NULL );
assert( LDAP_VALID(ld) );
ber_len_t len = 0;
int rc = LDAP_SUCCESS;
- Debug( LDAP_DEBUG_TRACE, "ldap_get_dn_ber\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_get_dn_ber\n" );
assert( ld != NULL );
assert( LDAP_VALID(ld) );
{
char *out = NULL;
- Debug( LDAP_DEBUG_TRACE, "ldap_dn2ufn\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_dn2ufn\n" );
( void )ldap_dn_normalize( dn, LDAP_DN_FORMAT_LDAP,
&out, LDAP_DN_FORMAT_UFN );
int iRDN;
unsigned flag = notypes ? LDAP_DN_FORMAT_UFN : LDAP_DN_FORMAT_LDAPV3;
- Debug( LDAP_DEBUG_TRACE, "ldap_explode_dn\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_explode_dn\n" );
if ( ldap_str2dn( dn, &tmpDN, LDAP_DN_FORMAT_LDAP )
!= LDAP_SUCCESS ) {
const char *p;
int iAVA;
- Debug( LDAP_DEBUG_TRACE, "ldap_explode_rdn\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_explode_rdn\n" );
/*
* we only parse the first rdn
{
char *out = NULL;
- Debug( LDAP_DEBUG_TRACE, "ldap_dn2dcedn\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_dn2dcedn\n" );
( void )ldap_dn_normalize( dn, LDAP_DN_FORMAT_LDAP,
&out, LDAP_DN_FORMAT_DCE );
{
char *out = NULL;
- Debug( LDAP_DEBUG_TRACE, "ldap_dcedn2dn\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_dcedn2dn\n" );
( void )ldap_dn_normalize( dce, LDAP_DN_FORMAT_DCE, &out, LDAP_DN_FORMAT_LDAPV3 );
{
char *out = NULL;
- Debug( LDAP_DEBUG_TRACE, "ldap_dn2ad_canonical\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_dn2ad_canonical\n" );
( void )ldap_dn_normalize( dn, LDAP_DN_FORMAT_LDAP,
&out, LDAP_DN_FORMAT_AD_CANONICAL );
int rc;
LDAPDN tmpDN = NULL;
- Debug( LDAP_DEBUG_TRACE, "ldap_dn_normalize\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_dn_normalize\n" );
assert( dnout != NULL );
str = bv->bv_val;
end = str + bv->bv_len;
- Debug( LDAP_DEBUG_ARGS, "=> ldap_bv2dn(%s,%u)\n", str, flags, 0 );
+ Debug2( LDAP_DEBUG_ARGS, "=> ldap_bv2dn(%s,%u)\n", str, flags );
*dn = NULL;
LDAP_FREEX( tmpDN, ctx );
}
- Debug( LDAP_DEBUG_ARGS, "<= ldap_bv2dn(%s)=%d %s\n", str, rc,
+ Debug3( LDAP_DEBUG_ARGS, "<= ldap_bv2dn(%s)=%d %s\n", str, rc,
rc ? ldap_err2string( rc ) : "" );
*dn = newDN;
bv->bv_len = 0;
bv->bv_val = NULL;
- Debug( LDAP_DEBUG_ARGS, "=> ldap_dn2bv(%u)\n", flags, 0, 0 );
+ Debug1( LDAP_DEBUG_ARGS, "=> ldap_dn2bv(%u)\n", flags );
/*
* a null dn means an empty dn string
return LDAP_PARAM_ERROR;
}
- Debug( LDAP_DEBUG_ARGS, "<= ldap_dn2bv(%s)=%d %s\n",
+ Debug3( LDAP_DEBUG_ARGS, "<= ldap_dn2bv(%s)=%d %s\n",
bv->bv_val, rc, rc ? ldap_err2string( rc ) : "" );
return_results:;
assert( entry != NULL );
assert( target != NULL );
- Debug( LDAP_DEBUG_TRACE, "ldap_get_values\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_get_values\n" );
ber = *entry->lm_ber;
assert( entry != NULL );
assert( target != NULL );
- Debug( LDAP_DEBUG_TRACE, "ldap_get_values_len\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_get_values_len\n" );
ber = *entry->lm_ber;
{
char msg[256];
- Debug( LDAP_DEBUG_ANY, "%s\n",
- gsserrstr( msg, sizeof(msg), mech, gss_rc, minor_status ),
- NULL, NULL );
+ Debug1( LDAP_DEBUG_ANY, "%s\n",
+ gsserrstr( msg, sizeof(msg), mech, gss_rc, minor_status ) );
if (gss_rc == GSS_S_COMPLETE) {
ld->ld_errno = LDAP_SUCCESS;
char *dnsHostName = NULL;
int rc;
- Debug( LDAP_DEBUG_TRACE, "ldap_gssapi_get_rootdse_infos\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_gssapi_get_rootdse_infos\n" );
rc = ldap_search_s( ld, "", LDAP_SCOPE_BASE,
NULL, attrs, 0, &res );
return ld->ld_errno;
}
- Debug( LDAP_DEBUG_TRACE, "principal for host[%s]: '%s'\n",
- host, svc_principal, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "principal for host[%s]: '%s'\n",
+ host, svc_principal );
input_name.value = svc_principal;
input_name.length = (size_t)ret;
}
if ( attrs[i].type == ATTR_NONE ) {
- Debug( LDAP_DEBUG_TRACE, "ldap_pvt_tls_config: "
+ Debug1( LDAP_DEBUG_TRACE, "ldap_pvt_tls_config: "
"unknown option '%s'",
- cmd, 0, 0 );
+ cmd );
return 1;
}
return;
}
- Debug(LDAP_DEBUG_TRACE, "ldap_init: trying %s\n", file, 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_init: trying %s\n", file );
fp = fopen(file, "r");
if(fp == NULL) {
return;
}
- Debug(LDAP_DEBUG_TRACE, "ldap_init: using %s\n", file, 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_init: using %s\n", file );
while((start = fgets(linebuf, sizeof(linebuf), fp)) != NULL) {
/* skip lines starting with '#' */
home = getenv("HOME");
if (home != NULL) {
- Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is %s\n",
- home, 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_init: HOME env is %s\n",
+ home );
path = LDAP_MALLOC(strlen(home) + strlen(file) + sizeof( LDAP_DIRSEP "."));
} else {
- Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is NULL\n",
- 0, 0, 0);
+ Debug0(LDAP_DEBUG_TRACE, "ldap_init: HOME env is NULL\n" );
}
if(home != NULL && path != NULL) {
char *altfile = getenv(LDAP_ENV_PREFIX "CONF");
if( altfile != NULL ) {
- Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n",
- LDAP_ENV_PREFIX "CONF", altfile, 0);
+ Debug2(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n",
+ LDAP_ENV_PREFIX "CONF", altfile );
openldap_ldap_init_w_sysconf( altfile );
}
else
- Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n",
- LDAP_ENV_PREFIX "CONF", 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n",
+ LDAP_ENV_PREFIX "CONF" );
}
{
char *altfile = getenv(LDAP_ENV_PREFIX "RC");
if( altfile != NULL ) {
- Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n",
- LDAP_ENV_PREFIX "RC", altfile, 0);
+ Debug2(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n",
+ LDAP_ENV_PREFIX "RC", altfile );
openldap_ldap_init_w_userconf( altfile );
}
else
- Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n",
- LDAP_ENV_PREFIX "RC", 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n",
+ LDAP_ENV_PREFIX "RC" );
}
openldap_ldap_init_w_env(gopts, NULL);
for ( i = 0; i < 4; i++ ) {
if ( p[i] != '=' && (p[i] & 0x80 ||
b642nib[ p[i] & 0x7f ] > 0x3f) ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
_("ldap_pvt_decode_b64_inplace: invalid base64 encoding"
- " char (%c) 0x%x\n"), p[i], p[i], 0 );
+ " char (%c) 0x%x\n"), p[i], p[i] );
return( -1 );
}
}
int rc;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_modify_ext\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_modify_ext\n" );
/* check client controls */
rc = ldap_int_client_controls( ld, cctrls );
{
int rc, msgid;
- Debug( LDAP_DEBUG_TRACE, "ldap_modify\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_modify\n" );
rc = ldap_modify_ext( ld, dn, mods, NULL, NULL, &msgid );
int rc;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_rename\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_rename\n" );
/* check client controls */
rc = ldap_int_client_controls( ld, cctrls );
int msgid;
int rc;
- Debug( LDAP_DEBUG_TRACE, "ldap_rename2\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_rename2\n" );
rc = ldap_rename( ld, dn, newrdn, newSuperior,
deleteoldrdn, NULL, NULL, &msgid );
int rc;
LDAP *ld;
- Debug( LDAP_DEBUG_TRACE, "ldap_open(%s, %d)\n",
- host, port, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "ldap_open(%s, %d)\n",
+ host, port );
ld = ldap_init( host, port );
if ( ld == NULL ) {
ld = NULL;
}
- Debug( LDAP_DEBUG_TRACE, "ldap_open: %s\n",
- ld != NULL ? "succeeded" : "failed", 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "ldap_open: %s\n",
+ ld != NULL ? "succeeded" : "failed" );
return ld;
}
return LDAP_LOCAL_ERROR;
}
- Debug( LDAP_DEBUG_TRACE, "ldap_create\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_create\n" );
if ( (ld = (LDAP *) LDAP_CALLOC( 1, sizeof(LDAP) )) == NULL ) {
return( LDAP_NO_MEMORY );
int rc = -1;
int proto;
- Debug( LDAP_DEBUG_TRACE, "ldap_int_open_connection\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_int_open_connection\n" );
switch ( proto = ldap_pvt_url_scheme2proto( srv->lud_scheme ) ) {
case LDAP_PROTO_TCP:
return( NULL );
}
- Debug( LDAP_DEBUG_TRACE, "ldap_dup\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_dup\n" );
if ( (ld = (LDAP *) LDAP_CALLOC( 1, sizeof(LDAP) )) == NULL ) {
return( NULL );
static int
ldap_pvt_ndelay_on(LDAP *ld, int fd)
{
- osip_debug(ld, "ldap_ndelay_on: %d\n",fd,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_ndelay_on: %d\n",fd );
return ber_pvt_socket_set_nonblock( fd, 1 );
}
static int
ldap_pvt_ndelay_off(LDAP *ld, int fd)
{
- osip_debug(ld, "ldap_ndelay_off: %d\n",fd,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_ndelay_off: %d\n",fd );
return ber_pvt_socket_set_nonblock( fd, 0 );
}
ldap_int_socket(LDAP *ld, int family, int type )
{
ber_socket_t s = socket(family, type, 0);
- osip_debug(ld, "ldap_new_socket: %d\n",s,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_new_socket: %d\n",s );
#ifdef FD_CLOEXEC
fcntl(s, F_SETFD, FD_CLOEXEC);
#endif
static int
ldap_pvt_close_socket(LDAP *ld, int s)
{
- osip_debug(ld, "ldap_close_socket: %d\n",s,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_close_socket: %d\n",s );
return tcp_close(s);
}
static int
ldap_int_prepare_socket(LDAP *ld, int s, int proto )
{
- osip_debug( ld, "ldap_prepare_socket: %d\n", s, 0, 0 );
+ Debug1(LDAP_DEBUG_TRACE, "ldap_prepare_socket: %d\n", s );
#if defined( SO_KEEPALIVE ) || defined( TCP_NODELAY )
if ( proto == LDAP_PROTO_TCP ) {
if ( setsockopt( s, SOL_SOCKET, SO_KEEPALIVE,
(char*) &dummy, sizeof(dummy) ) == AC_SOCKET_ERROR )
{
- osip_debug( ld, "ldap_prepare_socket: "
+ Debug1(LDAP_DEBUG_TRACE, "ldap_prepare_socket: "
"setsockopt(%d, SO_KEEPALIVE) failed (ignored).\n",
- s, 0, 0 );
+ s );
}
if ( ld->ld_options.ldo_keepalive_idle > 0 )
{
(void*) &ld->ld_options.ldo_keepalive_idle,
sizeof(ld->ld_options.ldo_keepalive_idle) ) == AC_SOCKET_ERROR )
{
- osip_debug( ld, "ldap_prepare_socket: "
+ Debug1(LDAP_DEBUG_TRACE,
+ "ldap_prepare_socket: "
"setsockopt(%d, TCP_KEEPIDLE) failed (ignored).\n",
- s, 0, 0 );
+ s );
}
#else
- osip_debug( ld, "ldap_prepare_socket: "
- "sockopt TCP_KEEPIDLE not supported on this system.\n",
- 0, 0, 0 );
+ Debug0(LDAP_DEBUG_TRACE, "ldap_prepare_socket: "
+ "sockopt TCP_KEEPIDLE not supported on this system.\n" );
#endif /* TCP_KEEPIDLE */
}
if ( ld->ld_options.ldo_keepalive_probes > 0 )
(void*) &ld->ld_options.ldo_keepalive_probes,
sizeof(ld->ld_options.ldo_keepalive_probes) ) == AC_SOCKET_ERROR )
{
- osip_debug( ld, "ldap_prepare_socket: "
+ Debug1(LDAP_DEBUG_TRACE,
+ "ldap_prepare_socket: "
"setsockopt(%d, TCP_KEEPCNT) failed (ignored).\n",
- s, 0, 0 );
+ s );
}
#else
- osip_debug( ld, "ldap_prepare_socket: "
- "sockopt TCP_KEEPCNT not supported on this system.\n",
- 0, 0, 0 );
+ Debug0(LDAP_DEBUG_TRACE, "ldap_prepare_socket: "
+ "sockopt TCP_KEEPCNT not supported on this system.\n" );
#endif /* TCP_KEEPCNT */
}
if ( ld->ld_options.ldo_keepalive_interval > 0 )
(void*) &ld->ld_options.ldo_keepalive_interval,
sizeof(ld->ld_options.ldo_keepalive_interval) ) == AC_SOCKET_ERROR )
{
- osip_debug( ld, "ldap_prepare_socket: "
+ Debug1(LDAP_DEBUG_TRACE,
+ "ldap_prepare_socket: "
"setsockopt(%d, TCP_KEEPINTVL) failed (ignored).\n",
- s, 0, 0 );
+ s );
}
#else
- osip_debug( ld, "ldap_prepare_socket: "
- "sockopt TCP_KEEPINTVL not supported on this system.\n",
- 0, 0, 0 );
+ Debug0(LDAP_DEBUG_TRACE, "ldap_prepare_socket: "
+ "sockopt TCP_KEEPINTVL not supported on this system.\n" );
#endif /* TCP_KEEPINTVL */
}
#endif /* SO_KEEPALIVE */
if ( setsockopt( s, IPPROTO_TCP, TCP_NODELAY,
(char*) &dummy, sizeof(dummy) ) == AC_SOCKET_ERROR )
{
- osip_debug( ld, "ldap_prepare_socket: "
+ Debug1(LDAP_DEBUG_TRACE, "ldap_prepare_socket: "
"setsockopt(%d, TCP_NODELAY) failed (ignored).\n",
- s, 0, 0 );
+ s );
}
#endif /* TCP_NODELAY */
}
#undef TRACE
#define TRACE do { \
- osip_debug(ld, \
- "ldap_is_socket_ready: error on socket %d: errno: %d (%s)\n", \
+ Debug3(LDAP_DEBUG_TRACE, "ldap_is_socket_ready: error on socket %d: errno: %d (%s)\n", \
s, \
errno, \
sock_errstr(errno) ); \
static int
ldap_pvt_is_socket_ready(LDAP *ld, int s)
{
- osip_debug(ld, "ldap_is_sock_ready: %d\n",s,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_is_sock_ready: %d\n",s );
#if defined( notyet ) /* && defined( SO_ERROR ) */
{
int rc;
- osip_debug(ld, "ldap_int_poll: fd: %d tm: %ld\n",
- s, tvp ? tvp->tv_sec : -1L, 0);
+ Debug2(LDAP_DEBUG_TRACE, "ldap_int_poll: fd: %d tm: %ld\n",
+ s, tvp ? tvp->tv_sec : -1L );
#ifdef HAVE_POLL
{
so_errno = WSAGetLastError();
}
ldap_pvt_set_errno( so_errno );
- osip_debug(ld, "ldap_int_poll: error on socket %d: "
+ Debug3(LDAP_DEBUG_TRACE,
+ "ldap_int_poll: error on socket %d: "
"errno: %d (%s)\n", s, errno, sock_errstr( errno ));
return -1;
}
}
#endif
- osip_debug(ld, "ldap_int_poll: timed out\n",0,0,0);
+ Debug0(LDAP_DEBUG_TRACE, "ldap_int_poll: timed out\n" );
ldap_pvt_set_errno( ETIMEDOUT );
return -1;
}
opt_tv = &tv;
}
- osip_debug(ld, "ldap_pvt_connect: fd: %d tm: %ld async: %d\n",
+ Debug3(LDAP_DEBUG_TRACE,
+ "ldap_pvt_connect: fd: %d tm: %ld async: %d\n",
s, opt_tv ? tv.tv_sec : -1L, async);
if ( opt_tv && ldap_pvt_ndelay_on(ld, s) == -1 )
return ( -1 );
do{
- osip_debug(ld, "attempting to connect: \n", 0, 0, 0);
+ Debug0(LDAP_DEBUG_TRACE, "attempting to connect: \n" );
if ( connect(s, sin, addrlen) != AC_SOCKET_ERROR ) {
- osip_debug(ld, "connect success\n", 0, 0, 0);
+ Debug0(LDAP_DEBUG_TRACE, "connect success\n" );
if ( opt_tv && ldap_pvt_ndelay_off(ld, s) == -1 )
return ( -1 );
return ( 0 );
}
err = sock_errno();
- osip_debug(ld, "connect errno: %d\n", err, 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "connect errno: %d\n", err );
} while(err == EINTR &&
LDAP_BOOL_GET( &ld->ld_options, LDAP_BOOL_RESTART ));
rc = ldap_int_poll( ld, s, opt_tv, 1 );
- osip_debug(ld, "ldap_pvt_connect: %d\n", rc, 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_pvt_connect: %d\n", rc );
return rc;
}
switch(proto) {
case LDAP_PROTO_TCP: socktype = SOCK_STREAM;
- osip_debug( ld,
- "ldap_connect_to_host: TCP %s:%d\n",
- host, port, 0);
+ Debug2(LDAP_DEBUG_TRACE, "ldap_connect_to_host: TCP %s:%d\n",
+ host, port );
break;
case LDAP_PROTO_UDP: socktype = SOCK_DGRAM;
- osip_debug( ld,
- "ldap_connect_to_host: UDP %s:%d\n",
- host, port, 0);
+ Debug2(LDAP_DEBUG_TRACE, "ldap_connect_to_host: UDP %s:%d\n",
+ host, port );
break;
default:
- osip_debug( ld, "ldap_connect_to_host: unknown proto: %d\n",
- proto, 0, 0 );
+ Debug1(LDAP_DEBUG_TRACE,
+ "ldap_connect_to_host: unknown proto: %d\n",
+ proto );
return -1;
}
LDAP_MUTEX_UNLOCK(&ldap_int_resolv_mutex);
if ( err != 0 ) {
- osip_debug(ld, "ldap_connect_to_host: getaddrinfo failed: %s\n",
- AC_GAI_STRERROR(err), 0, 0);
+ Debug1(LDAP_DEBUG_TRACE,
+ "ldap_connect_to_host: getaddrinfo failed: %s\n",
+ AC_GAI_STRERROR(err) );
return -1;
}
rc = -1;
for( sai=res; sai != NULL; sai=sai->ai_next) {
if( sai->ai_addr == NULL ) {
- osip_debug(ld, "ldap_connect_to_host: getaddrinfo "
- "ai_addr is NULL?\n", 0, 0, 0);
+ Debug0(LDAP_DEBUG_TRACE,
+ "ldap_connect_to_host: getaddrinfo "
+ "ai_addr is NULL?\n" );
continue;
}
inet_ntop( AF_INET6,
&((struct sockaddr_in6 *)sai->ai_addr)->sin6_addr,
addr, sizeof addr);
- osip_debug(ld, "ldap_connect_to_host: Trying %s %s\n",
- addr, serv, 0);
+ Debug2(LDAP_DEBUG_TRACE,
+ "ldap_connect_to_host: Trying %s %s\n",
+ addr, serv );
} break;
#endif
case AF_INET: {
inet_ntop( AF_INET,
&((struct sockaddr_in *)sai->ai_addr)->sin_addr,
addr, sizeof addr);
- osip_debug(ld, "ldap_connect_to_host: Trying %s:%s\n",
- addr, serv, 0);
+ Debug2(LDAP_DEBUG_TRACE,
+ "ldap_connect_to_host: Trying %s:%s\n",
+ addr, serv );
} break;
}
/* for VxWorks */
char address[INET_ADDR_LEN];
inet_ntoa_b(sin.sin_address, address);
- osip_debug(ld, "ldap_connect_to_host: Trying %s:%d\n",
- address, port, 0);
+ Debug2(LDAP_DEBUG_TRACE,
+ "ldap_connect_to_host: Trying %s:%d\n",
+ address, port );
}
#else
- osip_debug(ld, "ldap_connect_to_host: Trying %s:%d\n",
- inet_ntoa(sin.sin_addr), port, 0);
+ Debug2(LDAP_DEBUG_TRACE,
+ "ldap_connect_to_host: Trying %s:%d\n",
+ inet_ntoa(sin.sin_addr), port );
#endif
rc = ldap_pvt_connect(ld, s,
int rc;
struct selectinfo *sip;
- Debug( LDAP_DEBUG_TRACE, "ldap_int_select\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_int_select\n" );
#ifndef HAVE_POLL
if ( ldap_int_tblsize == 0 ) ldap_int_ip_init();
static int
ldap_pvt_ndelay_on(LDAP *ld, int fd)
{
- oslocal_debug(ld, "ldap_ndelay_on: %d\n",fd,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_ndelay_on: %d\n",fd );
return ber_pvt_socket_set_nonblock( fd, 1 );
}
static int
ldap_pvt_ndelay_off(LDAP *ld, int fd)
{
- oslocal_debug(ld, "ldap_ndelay_off: %d\n",fd,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_ndelay_off: %d\n",fd );
return ber_pvt_socket_set_nonblock( fd, 0 );
}
ldap_pvt_socket(LDAP *ld)
{
ber_socket_t s = socket(PF_LOCAL, SOCK_STREAM, 0);
- oslocal_debug(ld, "ldap_new_socket: %d\n",s,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_new_socket: %d\n",s );
#ifdef FD_CLOEXEC
fcntl(s, F_SETFD, FD_CLOEXEC);
#endif
static int
ldap_pvt_close_socket(LDAP *ld, int s)
{
- oslocal_debug(ld, "ldap_close_socket: %d\n",s,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_close_socket: %d\n",s );
return tcp_close(s);
}
#undef TRACE
#define TRACE do { \
char ebuf[128]; \
- oslocal_debug(ld, \
- "ldap_is_socket_ready: error on socket %d: errno: %d (%s)\n", \
+ Debug3(LDAP_DEBUG_TRACE, "ldap_is_socket_ready: error on socket %d: errno: %d (%s)\n", \
s, \
errno, \
AC_STRERROR_R(errno, ebuf, sizeof ebuf)); \
static int
ldap_pvt_is_socket_ready(LDAP *ld, int s)
{
- oslocal_debug(ld, "ldap_is_sock_ready: %d\n",s,0,0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_is_sock_ready: %d\n",s );
#if defined( notyet ) /* && defined( SO_ERROR ) */
{
opt_tv = &tv;
}
- oslocal_debug(ld, "ldap_connect_timeout: fd: %d tm: %ld async: %d\n",
+ Debug3(LDAP_DEBUG_TRACE,
+ "ldap_connect_timeout: fd: %d tm: %ld async: %d\n",
s, opt_tv ? tv.tv_sec : -1L, async);
if ( ldap_pvt_ndelay_on(ld, s) == -1 ) return -1;
}
#endif
- oslocal_debug(ld, "ldap_connect_timeout: timed out\n",0,0,0);
+ Debug0(LDAP_DEBUG_TRACE, "ldap_connect_timeout: timed out\n" );
ldap_pvt_set_errno( ETIMEDOUT );
return ( -1 );
}
int rc;
const char *path = srv->lud_host;
- oslocal_debug(ld, "ldap_connect_to_path\n",0,0,0);
+ Debug0(LDAP_DEBUG_TRACE, "ldap_connect_to_path\n" );
if ( path == NULL || path[0] == '\0' ) {
path = LDAPI_SOCK;
return -1;
}
- oslocal_debug(ld, "ldap_connect_to_path: Trying %s\n", path, 0, 0);
+ Debug1(LDAP_DEBUG_TRACE, "ldap_connect_to_path: Trying %s\n", path );
memset( &server, '\0', sizeof(server) );
server.sun_family = AF_LOCAL;
int rc = 1;
ber_socket_t sd = AC_SOCKET_INVALID;
- Debug( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_send_initial_request\n" );
LDAP_MUTEX_LOCK( &ld->ld_conn_mutex );
if ( ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_GET_FD, &sd ) == -1 ) {
LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
return( -1 );
} else if ( rc == 0 ) {
- Debug( LDAP_DEBUG_TRACE,
- "ldap_open_defconn: successful\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE,
+ "ldap_open_defconn: successful\n" );
}
#ifdef LDAP_CONNECTIONLESS
int incparent, rc;
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_req_mutex );
- Debug( LDAP_DEBUG_TRACE, "ldap_send_server_request\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_send_server_request\n" );
incparent = 0;
ld->ld_errno = LDAP_SUCCESS; /* optimistic */
int async = 0;
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_conn_mutex );
- Debug( LDAP_DEBUG_TRACE, "ldap_new_connection %d %d %d\n",
+ Debug3( LDAP_DEBUG_TRACE, "ldap_new_connection %d %d %d\n",
use_ldsb, connect, (bind != NULL) );
/*
* make a new LDAP server connection
++lc->lconn_refcnt; /* avoid premature free */
ld->ld_defconn = lc;
- Debug( LDAP_DEBUG_TRACE, "Call application rebind_proc\n", 0, 0, 0);
+ Debug0( LDAP_DEBUG_TRACE, "Call application rebind_proc\n" );
LDAP_REQ_UNLOCK_IF(m_req);
LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
LDAP_RES_UNLOCK_IF(m_res);
++lc->lconn_refcnt; /* avoid premature free */
ld->ld_defconn = lc;
- Debug( LDAP_DEBUG_TRACE,
- "anonymous rebind via ldap_sasl_bind(\"\")\n",
- 0, 0, 0);
+ Debug0( LDAP_DEBUG_TRACE,
+ "anonymous rebind via ldap_sasl_bind(\"\")\n" );
LDAP_REQ_UNLOCK_IF(m_req);
LDAP_MUTEX_UNLOCK( &ld->ld_conn_mutex );
break;
default:
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"ldap_new_connection %p: "
"unexpected response %d "
"from BIND request id=%d\n",
LDAPConn *tmplc, *prevlc;
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_conn_mutex );
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"ldap_free_connection %d %d\n",
- force, unbind, 0 );
+ force, unbind );
if ( force || --lc->lconn_refcnt <= 0 ) {
/* remove from connections list first */
LDAP_FREE( lc );
- Debug( LDAP_DEBUG_TRACE,
- "ldap_free_connection: actually freed\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE,
+ "ldap_free_connection: actually freed\n" );
} else {
lc->lconn_lastused = time( NULL );
- Debug( LDAP_DEBUG_TRACE, "ldap_free_connection: refcnt %d\n",
- lc->lconn_refcnt, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "ldap_free_connection: refcnt %d\n",
+ lc->lconn_refcnt );
}
}
LDAPConn *lc;
char timebuf[32];
- Debug( LDAP_DEBUG_TRACE, "** ld %p Connection%s:\n", (void *)ld, all ? "s" : "", 0 );
+ Debug2( LDAP_DEBUG_TRACE, "** ld %p Connection%s:\n", (void *)ld, all ? "s" : "" );
LDAP_MUTEX_LOCK( &ld->ld_conn_mutex );
for ( lc = lconns; lc != NULL; lc = lc->lconn_next ) {
if ( lc->lconn_server != NULL ) {
- Debug( LDAP_DEBUG_TRACE, "* host: %s port: %d%s\n",
+ Debug3( LDAP_DEBUG_TRACE, "* host: %s port: %d%s\n",
( lc->lconn_server->lud_host == NULL ) ? "(null)"
: lc->lconn_server->lud_host,
lc->lconn_server->lud_port, ( lc->lconn_sb ==
ld->ld_sb ) ? " (default)" : "" );
}
- Debug( LDAP_DEBUG_TRACE, " refcnt: %d status: %s\n", lc->lconn_refcnt,
+ Debug2( LDAP_DEBUG_TRACE, " refcnt: %d status: %s\n", lc->lconn_refcnt,
( lc->lconn_status == LDAP_CONNST_NEEDSOCKET )
? "NeedSocket" :
( lc->lconn_status == LDAP_CONNST_CONNECTING )
- ? "Connecting" : "Connected", 0 );
- Debug( LDAP_DEBUG_TRACE, " last used: %s%s\n",
+ ? "Connecting" : "Connected" );
+ Debug2( LDAP_DEBUG_TRACE, " last used: %s%s\n",
ldap_pvt_ctime( &lc->lconn_lastused, timebuf ),
- lc->lconn_rebind_inprogress ? " rebind in progress" : "", 0 );
+ lc->lconn_rebind_inprogress ? " rebind in progress" : "" );
if ( lc->lconn_rebind_inprogress ) {
if ( lc->lconn_rebind_queue != NULL) {
int i;
for ( i = 0; lc->lconn_rebind_queue[i] != NULL; i++ ) {
int j;
for( j = 0; lc->lconn_rebind_queue[i][j] != 0; j++ ) {
- Debug( LDAP_DEBUG_TRACE, " queue %d entry %d - %s\n",
+ Debug3( LDAP_DEBUG_TRACE, " queue %d entry %d - %s\n",
i, j, lc->lconn_rebind_queue[i][j] );
}
}
} else {
- Debug( LDAP_DEBUG_TRACE, " queue is empty\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, " queue is empty\n" );
}
}
- Debug( LDAP_DEBUG_TRACE, "\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "\n" );
if ( !all ) {
break;
}
LDAPMessage *lm, *l;
int i;
- Debug( LDAP_DEBUG_TRACE, "** ld %p Outstanding Requests:\n",
- (void *)ld, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "** ld %p Outstanding Requests:\n",
+ (void *)ld );
lr = ld->ld_requests;
if ( lr == NULL ) {
- Debug( LDAP_DEBUG_TRACE, " Empty\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, " Empty\n" );
}
for ( i = 0; lr != NULL; lr = lr->lr_next, i++ ) {
- Debug( LDAP_DEBUG_TRACE, " * msgid %d, origid %d, status %s\n",
+ Debug3( LDAP_DEBUG_TRACE, " * msgid %d, origid %d, status %s\n",
lr->lr_msgid, lr->lr_origid,
( lr->lr_status == LDAP_REQST_INPROGRESS ) ? "InProgress" :
( lr->lr_status == LDAP_REQST_CHASINGREFS ) ? "ChasingRefs" :
( lr->lr_status == LDAP_REQST_WRITING ) ? "Writing" :
( lr->lr_status == LDAP_REQST_COMPLETED ) ? "RequestCompleted"
: "InvalidStatus" );
- Debug( LDAP_DEBUG_TRACE, " outstanding referrals %d, parent count %d\n",
- lr->lr_outrefcnt, lr->lr_parentcnt, 0 );
+ Debug2( LDAP_DEBUG_TRACE, " outstanding referrals %d, parent count %d\n",
+ lr->lr_outrefcnt, lr->lr_parentcnt );
}
- Debug( LDAP_DEBUG_TRACE, " ld %p request count %d (abandoned %lu)\n",
+ Debug3( LDAP_DEBUG_TRACE, " ld %p request count %d (abandoned %lu)\n",
(void *)ld, i, ld->ld_nabandoned );
- Debug( LDAP_DEBUG_TRACE, "** ld %p Response Queue:\n", (void *)ld, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "** ld %p Response Queue:\n", (void *)ld );
if ( ( lm = ld->ld_responses ) == NULL ) {
- Debug( LDAP_DEBUG_TRACE, " Empty\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, " Empty\n" );
}
for ( i = 0; lm != NULL; lm = lm->lm_next, i++ ) {
- Debug( LDAP_DEBUG_TRACE, " * msgid %d, type %lu\n",
- lm->lm_msgid, (unsigned long)lm->lm_msgtype, 0 );
+ Debug2( LDAP_DEBUG_TRACE, " * msgid %d, type %lu\n",
+ lm->lm_msgid, (unsigned long)lm->lm_msgtype );
if ( lm->lm_chain != NULL ) {
- Debug( LDAP_DEBUG_TRACE, " chained responses:\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, " chained responses:\n" );
for ( l = lm->lm_chain; l != NULL; l = l->lm_chain ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
" * msgid %d, type %lu\n",
l->lm_msgid,
- (unsigned long)l->lm_msgtype, 0 );
+ (unsigned long)l->lm_msgtype );
}
}
}
- Debug( LDAP_DEBUG_TRACE, " ld %p response count %d\n", (void *)ld, i, 0 );
+ Debug2( LDAP_DEBUG_TRACE, " ld %p response count %d\n", (void *)ld, i );
}
#endif /* LDAP_DEBUG */
ldap_free_request( LDAP *ld, LDAPRequest *lr )
{
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_req_mutex );
- Debug( LDAP_DEBUG_TRACE, "ldap_free_request (origid %d, msgid %d)\n",
- lr->lr_origid, lr->lr_msgid, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "ldap_free_request (origid %d, msgid %d)\n",
+ lr->lr_origid, lr->lr_msgid );
/* free all referrals (child requests) */
while ( lr->lr_child ) {
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_res_mutex );
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_conn_mutex );
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_req_mutex );
- Debug( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_chase_v3referrals\n" );
ld->ld_errno = LDAP_SUCCESS; /* optimistic */
*hadrefp = 0;
/* Check for hop limit exceeded */
if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
- Debug( LDAP_DEBUG_ANY,
- "more than %d referral hops (dropping)\n", ld->ld_refhoplimit, 0, 0 );
+ Debug1( LDAP_DEBUG_ANY,
+ "more than %d referral hops (dropping)\n", ld->ld_refhoplimit );
ld->ld_errno = LDAP_REFERRAL_LIMIT_EXCEEDED;
rc = -1;
goto done;
* if two search references come in one behind the other
* for the same server with different contexts.
*/
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"ldap_chase_v3referrals: queue referral \"%s\"\n",
- refarray[i], 0, 0);
+ refarray[i] );
if( lc->lconn_rebind_queue == NULL ) {
/* Create a referral list */
lc->lconn_rebind_queue =
goto done;
}
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"ldap_chase_v3referral: msgid %d, url \"%s\"\n",
- lr->lr_msgid, refarray[i], 0);
+ lr->lr_msgid, refarray[i] );
/* Send the new request to the server - may require a bind */
rinfo.ri_msgid = origreq->lr_origid;
origreq, &srv, NULL, &rinfo, 0, 1 );
if ( rc < 0 ) {
/* Failure, try next referral in the list */
- Debug( LDAP_DEBUG_ANY, "Unable to chase referral \"%s\" (%d: %s)\n",
+ Debug3( LDAP_DEBUG_ANY, "Unable to chase referral \"%s\" (%d: %s)\n",
refarray[i], ld->ld_errno, ldap_err2string( ld->ld_errno ) );
unfollowedcnt += ldap_append_referral( ld, &unfollowed, refarray[i] );
ldap_free_urllist( srv );
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_res_mutex );
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_conn_mutex );
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_req_mutex );
- Debug( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_chase_referrals\n" );
ld->ld_errno = LDAP_SUCCESS; /* optimistic */
*hadrefp = 0;
}
if ( lr->lr_parentcnt >= ld->ld_refhoplimit ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"more than %d referral hops (dropping)\n",
- ld->ld_refhoplimit, 0, 0 );
+ ld->ld_refhoplimit );
/* XXX report as error in ld->ld_errno? */
return( 0 );
}
rc = ldap_url_parse_ext( ref, &srv, LDAP_PVT_URL_PARSE_NOEMPTY_DN );
if ( rc != LDAP_URL_SUCCESS ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"ignoring %s referral <%s>\n",
- ref, rc == LDAP_URL_ERR_BADSCHEME ? "unknown" : "incorrect", 0 );
+ ref, rc == LDAP_URL_ERR_BADSCHEME ? "unknown" : "incorrect" );
rc = ldap_append_referral( ld, &unfollowed, ref );
*hadrefp = 1;
continue;
}
- Debug( LDAP_DEBUG_TRACE,
- "chasing LDAP referral: <%s>\n", ref, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE,
+ "chasing LDAP referral: <%s>\n", ref );
*hadrefp = 1;
if( rc >= 0 ) {
++count;
} else {
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"Unable to chase referral \"%s\" (%d: %s)\n",
ref, ld->ld_errno, ldap_err2string( ld->ld_errno ) );
rc = ldap_append_referral( ld, &unfollowed, ref );
BerElement tmpber, *ber;
struct berval dn;
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"re_encode_request: new msgid %ld, new dn <%s>\n",
(long) msgid,
- ( srv == NULL || srv->lud_dn == NULL) ? "NONE" : srv->lud_dn, 0 );
+ ( srv == NULL || srv->lud_dn == NULL) ? "NONE" : srv->lud_dn );
tmpber = *origber;
#ifdef LDAP_DEBUG
if ( ldap_debug & LDAP_DEBUG_PACKETS ) {
- Debug( LDAP_DEBUG_ANY, "re_encode_request new request is:\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "re_encode_request new request is:\n" );
ber_log_dump( LDAP_DEBUG_BER, ldap_debug, ber, 0 );
}
#endif /* LDAP_DEBUG */
assert( ld != NULL );
assert( result != NULL );
- Debug( LDAP_DEBUG_TRACE, "ldap_result ld %p msgid %d\n", (void *)ld, msgid, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "ldap_result ld %p msgid %d\n", (void *)ld, msgid );
if (ld->ld_errno == LDAP_LOCAL_ERROR || ld->ld_errno == LDAP_SERVER_DOWN)
return -1;
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_res_mutex );
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"ldap_chkResponseList ld %p msgid %d all %d\n",
(void *)ld, msgid, all );
++cnt;
if ( ldap_abandoned( ld, lm->lm_msgid ) ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"response list msg abandoned, "
"msgid %d message type %s\n",
- lm->lm_msgid, ldap_int_msgtype2str( lm->lm_msgtype ), 0 );
+ lm->lm_msgid, ldap_int_msgtype2str( lm->lm_msgtype ) );
switch ( lm->lm_msgtype ) {
case LDAP_RES_SEARCH_ENTRY:
#ifdef LDAP_DEBUG
if ( lm == NULL) {
- Debug( LDAP_DEBUG_TRACE,
- "ldap_chkResponseList returns ld %p NULL\n", (void *)ld, 0, 0);
+ Debug1( LDAP_DEBUG_TRACE,
+ "ldap_chkResponseList returns ld %p NULL\n", (void *)ld );
} else {
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"ldap_chkResponseList returns ld %p msgid %d, type 0x%02lx\n",
(void *)ld, lm->lm_msgid, (unsigned long)lm->lm_msgtype );
}
#ifdef LDAP_DEBUG
if ( timeout == NULL ) {
- Debug( LDAP_DEBUG_TRACE, "wait4msg ld %p msgid %d (infinite timeout)\n",
- (void *)ld, msgid, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "wait4msg ld %p msgid %d (infinite timeout)\n",
+ (void *)ld, msgid );
} else {
- Debug( LDAP_DEBUG_TRACE, "wait4msg ld %p msgid %d (timeout %ld usec)\n",
+ Debug3( LDAP_DEBUG_TRACE, "wait4msg ld %p msgid %d (timeout %ld usec)\n",
(void *)ld, msgid, (long)timeout->tv_sec * 1000000 + timeout->tv_usec );
}
#endif /* LDAP_DEBUG */
while ( rc == LDAP_MSG_X_KEEP_LOOKING ) {
#ifdef LDAP_DEBUG
if ( ldap_debug & LDAP_DEBUG_TRACE ) {
- Debug( LDAP_DEBUG_TRACE, "wait4msg continue ld %p msgid %d all %d\n",
+ Debug3( LDAP_DEBUG_TRACE, "wait4msg continue ld %p msgid %d all %d\n",
(void *)ld, msgid, all );
ldap_dump_connection( ld, ld->ld_conns, 1 );
LDAP_MUTEX_LOCK( &ld->ld_req_mutex );
if ( rc == -1 ) {
err = sock_errno();
#ifdef LDAP_DEBUG
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"ldap_int_select returned -1: errno %d\n",
- err, 0, 0 );
+ err );
#endif
}
tv.tv_sec = tv0.tv_sec;
tv.tv_usec = tv0.tv_usec;
- Debug( LDAP_DEBUG_TRACE, "wait4msg ld %p %ld s %ld us to go\n",
+ Debug3( LDAP_DEBUG_TRACE, "wait4msg ld %p %ld s %ld us to go\n",
(void *)ld, (long) tv.tv_sec, (long) tv.tv_usec );
start_time_tv.tv_sec = curr_time_tv.tv_sec;
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_conn_mutex );
LDAP_ASSERT_MUTEX_OWNER( &ld->ld_req_mutex );
- Debug( LDAP_DEBUG_TRACE, "read1msg: ld %p msgid %d all %d\n",
+ Debug3( LDAP_DEBUG_TRACE, "read1msg: ld %p msgid %d all %d\n",
(void *)ld, msgid, all );
retry:
case LBER_DEFAULT:
err = sock_errno();
#ifdef LDAP_DEBUG
- Debug( LDAP_DEBUG_CONNS,
- "ber_get_next failed.\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_CONNS,
+ "ber_get_next failed.\n" );
#endif
if ( err == EWOULDBLOCK ) return LDAP_MSG_X_KEEP_LOOKING;
if ( err == EAGAIN ) return LDAP_MSG_X_KEEP_LOOKING;
break;
}
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"abandoned/discarded ld %p msgid %d message type %s\n",
(void *)ld, id, ldap_int_msgtype2str( tag ) );
break;
}
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"no request for response on ld %p msgid %d message type %s (tossing)\n",
(void *)ld, id, msg );
return( -1 );
}
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"read1msg: ld %p msgid %d message type %s\n",
(void *)ld, id, ldap_int_msgtype2str( tag ) );
/* If haven't got end search, set chasing referrals */
if ( lr->lr_status != LDAP_REQST_COMPLETED ) {
lr->lr_status = LDAP_REQST_CHASINGREFS;
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"read1msg: search ref chased, "
"mark request chasing refs, "
"id = %d\n",
- lr->lr_msgid, 0, 0 );
+ lr->lr_msgid );
}
}
}
if ( ber_scanf( &tmpber, "{v}", &refs) == LBER_ERROR) {
rc = LDAP_DECODING_ERROR;
lr->lr_status = LDAP_REQST_COMPLETED;
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"read1msg: referral decode error, "
"mark request completed, ld %p msgid %d\n",
- (void *)ld, lr->lr_msgid, 0 );
+ (void *)ld, lr->lr_msgid );
} else {
/* Chase the referral
refer_cnt = ldap_chase_v3referrals( ld, lr, refs,
0, &lr->lr_res_error, &hadref );
lr->lr_status = LDAP_REQST_COMPLETED;
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"read1msg: referral %s chased, "
"mark request completed, ld %p msgid %d\n",
refer_cnt > 0 ? "" : "not",
refer_cnt = ldap_chase_referrals( ld, lr,
&lr->lr_res_error, -1, &hadref );
lr->lr_status = LDAP_REQST_COMPLETED;
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"read1msg: V2 referral chased, "
"mark request completed, id = %d\n",
- lr->lr_msgid, 0, 0 );
+ lr->lr_msgid );
break;
}
}
LDAP_FREE( lr_res_error );
}
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"read1msg: ld %p %d new referrals\n",
- (void *)ld, refer_cnt, 0 );
+ (void *)ld, refer_cnt );
if ( refer_cnt != 0 ) { /* chasing referrals */
ber_free( ber, 1 );
}
lr->lr_status = LDAP_REQST_COMPLETED; /* declare this request done */
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"read1msg: mark request completed, ld %p msgid %d\n",
- (void *)ld, lr->lr_msgid, 0);
+ (void *)ld, lr->lr_msgid );
tmplr = lr;
while ( lr->lr_parent != NULL ) {
merge_error_info( ld, lr->lr_parent, lr );
{
id = lr->lr_msgid;
tag = lr->lr_res_msgtype;
- Debug( LDAP_DEBUG_TRACE, "request done: ld %p msgid %d\n",
- (void *)ld, id, 0 );
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE, "request done: ld %p msgid %d\n",
+ (void *)ld, id );
+ Debug3( LDAP_DEBUG_TRACE,
"res_errno: %d, res_error: <%s>, "
"res_matched: <%s>\n",
lr->lr_res_errno,
goto exit;
}
- Debug( LDAP_DEBUG_TRACE, "adding response ld %p msgid %d type %ld:\n",
+ Debug3( LDAP_DEBUG_TRACE, "adding response ld %p msgid %d type %ld:\n",
(void *)ld, newmsg->lm_msgid, (long) newmsg->lm_msgtype );
/* part of a search response - add to end of list of entries */
}
}
- Debug( LDAP_DEBUG_TRACE, "merged parent (id %d) error info: ",
- parentr->lr_msgid, 0, 0 );
- Debug( LDAP_DEBUG_TRACE, "result errno %d, error <%s>, matched <%s>\n",
+ Debug1( LDAP_DEBUG_TRACE, "merged parent (id %d) error info: ",
+ parentr->lr_msgid );
+ Debug3( LDAP_DEBUG_TRACE, "result errno %d, error <%s>, matched <%s>\n",
parentr->lr_res_errno,
parentr->lr_res_error ? parentr->lr_res_error : "",
parentr->lr_res_matched ? parentr->lr_res_matched : "" );
LDAPMessage *next;
int type = 0;
- Debug( LDAP_DEBUG_TRACE, "ldap_msgfree\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_msgfree\n" );
for ( ; lm != NULL; lm = next ) {
next = lm->lm_chain;
assert( ld != NULL );
- Debug( LDAP_DEBUG_TRACE, "ldap_msgdelete ld=%p msgid=%d\n",
- (void *)ld, msgid, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "ldap_msgdelete ld=%p msgid=%d\n",
+ (void *)ld, msgid );
LDAP_MUTEX_LOCK( &ld->ld_res_mutex );
prev = NULL;
int rc;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_sasl_bind\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
LDAPMessage *result;
struct berval *scredp = NULL;
- Debug( LDAP_DEBUG_TRACE, "ldap_sasl_bind_s\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_sasl_bind_s\n" );
/* do a quick !LDAPv3 check... ldap_sasl_bind will do the rest. */
if( servercredp != NULL ) {
ber_tag_t tag;
BerElement *ber;
- Debug( LDAP_DEBUG_TRACE, "ldap_parse_sasl_bind_result\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_parse_sasl_bind_result\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
char **values, *mechlist;
int rc;
- Debug( LDAP_DEBUG_TRACE, "ldap_pvt_sasl_getmech\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_pvt_sasl_getmech\n" );
rc = ldap_search_s( ld, "", LDAP_SCOPE_BASE,
NULL, attrs, 0, &res );
goto done;
}
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"ldap_sasl_interactive_bind: server supports: %s\n",
- smechs, 0, 0 );
+ smechs );
mechs = smechs;
} else {
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"ldap_sasl_interactive_bind: user selected: %s\n",
- mechs, 0, 0 );
+ mechs );
}
}
rc = ldap_int_sasl_bind( ld, dn, mechs,
Sockbuf *sb,
struct sb_sasl_generic_install *install_arg )
{
- Debug( LDAP_DEBUG_TRACE, "ldap_pvt_sasl_generic_install\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_pvt_sasl_generic_install\n" );
/* don't install the stuff unless security has been negotiated */
int msgid;
struct berval cred;
- Debug( LDAP_DEBUG_TRACE, "ldap_simple_bind\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_simple_bind\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
{
struct berval cred;
- Debug( LDAP_DEBUG_TRACE, "ldap_simple_bind_s\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_simple_bind_s\n" );
if ( passwd != NULL ) {
cred.bv_val = (char *) passwd;
int timelimit;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_search_ext\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_search_ext\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
BerElement *ber;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_search\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_search\n" );
assert( ld != NULL );
assert( LDAP_VALID( ld ) );
ptr = buf;
}
- Debug( LDAP_DEBUG_ARGS, "ldap_build_search_req ATTRS:%s\n", ptr, 0,0 );
+ Debug1( LDAP_DEBUG_ARGS, "ldap_build_search_req ATTRS:%s\n", ptr );
}
#endif /* LDAP_DEBUG */
#endif
lo->ldo_tls_ctx = ti->ti_ctx_new( lo );
if ( lo->ldo_tls_ctx == NULL ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not allocate default ctx.\n",
- 0,0,0);
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not allocate default ctx.\n" );
rc = -1;
goto error_exit;
}
ssl = tls_imp->ti_session_new( ctx, is_server );
if ( ssl == NULL ) {
- Debug( LDAP_DEBUG_ANY,"TLS: can't create ssl handle.\n",0,0,0);
+ Debug0( LDAP_DEBUG_ANY,"TLS: can't create ssl handle.\n" );
return NULL;
}
return ssl;
#endif
}
- Debug( LDAP_DEBUG_ANY,"TLS: can't connect: %s.\n",
- ld->ld_error ? ld->ld_error : "" ,0,0);
+ Debug1( LDAP_DEBUG_ANY,"TLS: can't connect: %s.\n",
+ ld->ld_error ? ld->ld_error : "" );
ber_sockbuf_remove_io( sb, tls_imp->ti_sbio,
LBER_SBIOD_LEVEL_TRANSPORT );
if ( DebugTest( LDAP_DEBUG_ANY ) ) {
char buf[256], *msg;
msg = tls_imp->ti_session_errmsg( ssl, err, buf, sizeof(buf) );
- Debug( LDAP_DEBUG_ANY,"TLS: can't accept: %s.\n",
- msg ? msg : "(unknown)", 0, 0 );
+ Debug1( LDAP_DEBUG_ANY,"TLS: can't accept: %s.\n",
+ msg ? msg : "(unknown)" );
}
ber_sockbuf_remove_io( sb, tls_imp->ti_sbio,
} else if ( sb->sb_trans_needs_write ) {
wr=1;
}
- Debug( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ldap_int_tls_connect needs %s\n",
- wr ? "write": "read", 0, 0);
+ Debug1( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ldap_int_tls_connect needs %s\n",
+ wr ? "write": "read" );
ret = ldap_int_poll( ld, sd, &tv, wr);
if ( ret < 0 ) {
start_time_tv.tv_usec = curr_time_tv.tv_usec;
}
tv = tv0;
- Debug( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ld %p %ld s %ld us to go\n",
+ Debug3( LDAP_DEBUG_TRACE, "ldap_int_tls_start: ld %p %ld s %ld us to go\n",
(void *)ld, (long) tv.tv_sec, (long) tv.tv_usec );
}
}
if ( lo->ldo_tls_ciphersuite &&
tlsg_parse_ciphers( ctx, lt->lt_ciphersuite )) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not set cipher list %s.\n",
- lo->ldo_tls_ciphersuite, 0, 0 );
+ lo->ldo_tls_ciphersuite );
return -1;
}
if (lo->ldo_tls_cacertdir != NULL) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: warning: cacertdir not implemented for gnutls\n",
- NULL, NULL, NULL );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: warning: cacertdir not implemented for gnutls\n" );
}
if (lo->ldo_tls_cacertfile != NULL) {
rc = gnutls_certificate_set_x509_key( ctx->cred, certs, max, key );
if ( rc ) return -1;
} else if (( lo->ldo_tls_certfile || lo->ldo_tls_keyfile )) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: only one of certfile and keyfile specified\n",
- NULL, NULL, NULL );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: only one of certfile and keyfile specified\n" );
return -1;
} else if (( lo->ldo_tls_cert.bv_val || lo->ldo_tls_key.bv_val )) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: only one of cert and key specified\n",
- NULL, NULL, NULL );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: only one of cert and key specified\n" );
return -1;
}
peer_cert_list = gnutls_certificate_get_peers( s->session,
&list_size );
if ( !peer_cert_list ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get peer certificate.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: unable to get peer certificate.\n" );
/* If this was a fatal condition, things would have
* aborted long before now.
*/
}
if ( ret < 0 ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get common name from peer certificate.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: unable to get common name from peer certificate.\n" );
ret = LDAP_CONNECT_ERROR;
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
if( ret == LDAP_LOCAL_ERROR ) {
altname[altnamesize] = '\0';
- Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
+ Debug2( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
"common name in certificate (%s).\n",
- name, altname, 0 );
+ name, altname );
ret = LDAP_CONNECT_ERROR;
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
if ( hashalg ) {
alg = gnutls_digest_get_id( hashalg );
if ( alg == GNUTLS_DIG_UNKNOWN ) {
- Debug( LDAP_DEBUG_ANY, "tlsg_session_pinning: "
+ Debug1( LDAP_DEBUG_ANY, "tlsg_session_pinning: "
"unknown hashing algorithm for GnuTLS: '%s'\n",
- hashalg, 0, 0 );
+ hashalg );
return rc;
}
}
if ( ber_bvcmp( hash, &keyhash ) ) {
rc = LDAP_CONNECT_ERROR;
- Debug( LDAP_DEBUG_ANY, "tlsg_session_pinning: "
- "public key hash does not match provided pin.\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "tlsg_session_pinning: "
+ "public key hash does not match provided pin.\n" );
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
}
err = gnutls_certificate_verify_peers2( ssl->session, &status );
if ( err < 0 ) {
- Debug( LDAP_DEBUG_ANY,"TLS: gnutls_certificate_verify_peers2 failed %d\n",
- err,0,0 );
+ Debug1( LDAP_DEBUG_ANY,"TLS: gnutls_certificate_verify_peers2 failed %d\n",
+ err );
return -1;
}
if ( status ) {
- Debug( LDAP_DEBUG_TRACE,"TLS: peer cert untrusted or revoked (0x%x)\n",
- status, 0,0 );
+ Debug1( LDAP_DEBUG_TRACE,"TLS: peer cert untrusted or revoked (0x%x)\n",
+ status );
return -1;
}
peertime = gnutls_certificate_expiration_time_peers( ssl->session );
if ( peertime == (time_t) -1 ) {
- Debug( LDAP_DEBUG_ANY, "TLS: gnutls_certificate_expiration_time_peers failed\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "TLS: gnutls_certificate_expiration_time_peers failed\n" );
return -1;
}
if ( peertime < now ) {
- Debug( LDAP_DEBUG_ANY, "TLS: peer certificate is expired\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "TLS: peer certificate is expired\n" );
return -1;
}
peertime = gnutls_certificate_activation_time_peers( ssl->session );
if ( peertime == (time_t) -1 ) {
- Debug( LDAP_DEBUG_ANY, "TLS: gnutls_certificate_activation_time_peers failed\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "TLS: gnutls_certificate_activation_time_peers failed\n" );
return -1;
}
if ( peertime > now ) {
- Debug( LDAP_DEBUG_ANY, "TLS: peer certificate not yet active\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "TLS: peer certificate not yet active\n" );
return -1;
}
return 0;
tlsm_thr_init_callonce( void )
{
if ( ldap_pvt_thread_mutex_init( &tlsm_ctx_count_mutex ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not create mutex for context counter: %d\n", errno, 0, 0 );
+ Debug1( LDAP_DEBUG_ANY,
+ "TLS: could not create mutex for context counter: %d\n", errno );
return PR_FAILURE;
}
if ( ldap_pvt_thread_mutex_init( &tlsm_init_mutex ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not create mutex for moznss initialization: %d\n", errno, 0, 0 );
+ Debug1( LDAP_DEBUG_ANY,
+ "TLS: could not create mutex for moznss initialization: %d\n", errno );
return PR_FAILURE;
}
if ( ldap_pvt_thread_mutex_init( &tlsm_pem_mutex ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not create mutex for PEM module: %d\n", errno, 0, 0 );
+ Debug1( LDAP_DEBUG_ANY,
+ "TLS: could not create mutex for PEM module: %d\n", errno );
return PR_FAILURE;
}
}
SSL_CipherPolicyGet(cipher, &policy);
SSL_GetCipherSuiteInfo(cipher, &info, (PRUintn)sizeof(info));
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS: cipher: %d - %s, enabled: %d, ",
info.cipherSuite, info.cipherSuiteName, enabled );
- Debug( LDAP_DEBUG_TRACE,
- "policy: %d\n", policy, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE,
+ "policy: %d\n", policy );
}
return "";
SSL3Statistics * ssl3stats = SSL_GetStatistics();
SSL_SecurityStatus( fd, &op, &cp, &kp0, &kp1, &ip, &sp );
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS certificate verification: subject: %s, issuer: %s, cipher: %s, ",
sp ? sp : "-unknown-", ip ? ip : "-unknown-", cp ? cp : "-unknown-" );
PR_Free(cp);
PR_Free(ip);
PR_Free(sp);
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"security level: %s, secret key bits: %d, total key bits: %d, ",
((op == SSL_SECURITY_STATUS_ON_HIGH) ? "high" :
((op == SSL_SECURITY_STATUS_ON_LOW) ? "low" : "off")),
kp1, kp0 );
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"cache hits: %ld, cache misses: %ld, cache not reusable: %ld\n",
ssl3stats->hch_sid_cache_hits, ssl3stats->hch_sid_cache_misses,
ssl3stats->hch_sid_cache_not_ok );
/* open the password file */
if ( !pwd_fileptr ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not open security pin file %s - error %d:%s.\n",
ctx->tc_pin_file, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
/* get the file size */
if ( PR_SUCCESS != PR_GetFileInfo( ctx->tc_pin_file, &file_info ) ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not get file info from pin file %s - error %d:%s.\n",
ctx->tc_pin_file, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
/* create a buffer to hold the file contents */
if ( !( contents = PR_CALLOC( file_info.size + 1 ) ) ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not alloc a buffer for contents of pin file %s - error %d:%s.\n",
ctx->tc_pin_file, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
/* read file into the buffer */
if( PR_Read( pwd_fileptr, contents, file_info.size ) <= 0 ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not read the file contents from pin file %s - error %d:%s.\n",
ctx->tc_pin_file, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
PK11SlotList *slots = PK11_GetAllSlotsForCert( ctx->tc_certificate, NULL );
if ( !slots ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: cannot get all slots for certificate '%s' (error %d: %s)",
tlsm_ctx_subject_name( ctx ), errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
memset( &verifylog, 0, sizeof( verifylog ) );
verifylog.arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE );
if ( verifylog.arena == NULL ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS certificate verification: Out of memory for certificate verification logger\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS certificate verification: Out of memory for certificate verification logger\n" );
return SECFailure;
}
ret = CERT_VerifyCertificate( handle, cert, checksig, certUsage, PR_Now(), pinarg, &verifylog,
/* it is possible for CERT_VerifyCertificate return with an error with no logging */
if ( ret != SECSuccess ) {
PRErrorCode errcode = PR_GetError();
- Debug( debug_level,
+ Debug3( debug_level,
"TLS: certificate [%s] is not valid - error %d:%s.\n",
name ? name : "(unknown)",
errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
CERTBasicConstraints basicConstraint;
SECStatus rv = tlsm_get_basic_constraint_extension( node->cert, &basicConstraint );
if ( ( rv == SECSuccess ) && ( basicConstraint.isCA == PR_FALSE ) ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"TLS: certificate [%s] is not correct because it is a CA cert and the "
"BasicConstraint CA flag is set to FALSE - allowing for now, but "
- "please fix your certs if possible\n", name, 0, 0 );
+ "please fix your certs if possible\n", name );
} else { /* does not have basicconstraint, or some other error */
ret = SECFailure;
- Debug( debug_level,
+ Debug1( debug_level,
"TLS: certificate [%s] is not valid - CA cert is not valid\n",
- name, 0, 0 );
+ name );
}
PR_SetError( orig_error, orig_oserror );
node->error == SEC_ERROR_UNTRUSTED_ISSUER )
) ) {
ret = SECSuccess;
- Debug( debug_level,
+ Debug3( debug_level,
"TLS: Warning: ignoring error for certificate [%s] - error %ld:%s.\n",
name, node->error, PR_ErrorToString( node->error, PR_LANGUAGE_I_DEFAULT ) );
} else {
ret = SECFailure;
- Debug( debug_level,
+ Debug3( debug_level,
"TLS: certificate [%s] is not valid - error %ld:%s.\n",
name, node->error, PR_ErrorToString( node->error, PR_LANGUAGE_I_DEFAULT ) );
}
PORT_FreeArena( verifylog.arena, PR_FALSE );
if ( ret == SECSuccess ) {
- Debug( LDAP_DEBUG_TRACE,
- "TLS: certificate [%s] is valid\n", name, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE,
+ "TLS: certificate [%s] is valid\n", name );
}
return ret;
status = PR_GetFileInfo( filename, &fi );
if ( PR_SUCCESS != status) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not read certificate file %s - error %d:%s.\n",
filename, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
if ( fi.type != PR_FILE_FILE ) {
PR_SetError(PR_IS_DIRECTORY_ERROR, 0);
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: error: the certificate file %s is not a file.\n",
- filename, 0 ,0 );
+ filename );
return -1;
}
if ( !slot ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not find the slot for the certificate '%s' - error %d:%s.\n",
filename, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
return -1;
if ( !cert ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not add the certificate '%s' - error %d:%s.\n",
filename, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
PK11_FreeSlot( slot );
if ( !isca ) {
if ( PK11_ReadRawAttribute( PK11_TypeGeneric, cert, CKA_VALUE, &certDER ) != SECSuccess ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not get DER of the '%s' certificate - error %d:%s.\n",
filename, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
PK11_DestroyGenericObject( cert );
if ( !ctx->tc_certificate ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not get certificate '%s' using DER - error %d:%s.\n",
filename, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
PK11_DestroyGenericObject( cert );
void *pin_arg = SSL_RevealPinArg( ctx->tc_model );
SECKEYPrivateKey *unlocked_key = tlsm_find_unlocked_key( ctx, pin_arg );
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: %s unlocked certificate for certificate '%s'.\n",
- unlocked_key ? "found" : "no", tlsm_ctx_subject_name( ctx ), 0 );
+ unlocked_key ? "found" : "no", tlsm_ctx_subject_name( ctx ) );
/* prefer unlocked key, then key from opened certdb, then any other */
if ( unlocked_key )
if ( !ctx->tc_private_key ) {
PRErrorCode errcode = PR_GetError();
- Debug(LDAP_DEBUG_ANY,
+ Debug3(LDAP_DEBUG_ANY,
"TLS: cannot find private key for certificate '%s' (error %d: %s)",
tlsm_ctx_subject_name( ctx ), errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
status = PR_GetFileInfo( filename, &fi );
if ( PR_SUCCESS != status) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not read key file %s - error %d:%s.\n",
filename, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
if ( fi.type != PR_FILE_FILE ) {
PR_SetError(PR_IS_DIRECTORY_ERROR, 0);
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: error: the key file %s is not a file.\n",
- filename, 0 ,0 );
+ filename );
return -1;
}
if ( !slot ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not find the slot for the private key '%s' - error %d:%s.\n",
filename, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
return -1;
if ( !key ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not add the private key '%s' - error %d:%s.\n",
filename, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
retcode = -1;
int rc = tlsm_add_cert_from_file( ctx, cacertfile, isca );
if ( rc ) {
errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: %s is not a valid CA certificate file - error %d:%s.\n",
cacertfile, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
also specified and contains valid CA cert files */
status = PR_FAILURE;
} else {
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"TLS: loaded CA certificate file %s.\n",
- cacertfile, 0, 0 );
+ cacertfile );
}
}
fistatus = PR_GetFileInfo( cacertdir, &fi );
if ( PR_SUCCESS != fistatus) {
errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not get info about the CA certificate directory %s - error %d:%s.\n",
cacertdir, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
}
if ( fi.type != PR_FILE_DIRECTORY ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: error: the CA certificate directory %s is not a directory.\n",
- cacertdir, 0 ,0 );
+ cacertdir );
goto done;
}
dir = PR_OpenDir( cacertdir );
if ( NULL == dir ) {
errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: could not open the CA certificate directory %s - error %d:%s.\n",
cacertdir, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
}
if ( regcomp( &hashfile_re, PEM_CA_HASH_FILE_REGEX, REG_NOSUB|REG_EXTENDED ) != 0 ) {
- Debug( LDAP_DEBUG_ANY, "TLS: cannot compile regex for CA hash files matching\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "TLS: cannot compile regex for CA hash files matching\n" );
goto done;
}
match = regexec( &hashfile_re, entry->name, 0, NULL, 0 );
if ( match == REG_NOMATCH ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug1( LDAP_DEBUG_TRACE,
"TLS: skipping '%s' - filename does not have expected format "
- "(certificate hash with numeric suffix)\n", entry->name, 0, 0 );
+ "(certificate hash with numeric suffix)\n", entry->name );
continue;
} else if ( match != 0 ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: cannot execute regex for CA hash file matching (%d).\n",
- match, 0, 0 );
+ match );
continue;
}
fullpath = PR_smprintf( "%s/%s", cacertdir, entry->name );
if ( !tlsm_add_cert_from_file( ctx, fullpath, isca ) ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"TLS: loaded CA certificate file %s from CA certificate directory %s.\n",
- fullpath, cacertdir, 0 );
+ fullpath, cacertdir );
} else {
errcode = PR_GetError();
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS: %s is not a valid CA certificate file - error %d:%s.\n",
fullpath, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
token_desc = PR_smprintf( TLSM_CERTDB_DESC_FMT, ctx->tc_unique );
config = PR_smprintf( "configDir='%s' tokenDescription='%s' certPrefix='%s' keyPrefix='%s' flags=readOnly",
dbdir, token_desc, prefix, prefix );
- Debug( LDAP_DEBUG_TRACE, "TLS: certdb config: %s\n", config, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "TLS: certdb config: %s\n", config );
slot = SECMOD_OpenUserDB( config );
if ( !slot ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_TRACE, "TLS: cannot open certdb '%s', error %d:%s\n", dbdir, errcode,
+ Debug3( LDAP_DEBUG_TRACE, "TLS: cannot open certdb '%s', error %d:%s\n", dbdir, errcode,
PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
}
if ( SECFailure == ( rc = SECMOD_RestartModules(PR_FALSE /* do not force */) ) ) {
errcode = PORT_GetError();
if ( errcode != SEC_ERROR_NOT_INITIALIZED ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"TLS: could not restart the security modules: %d:%s\n",
- errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ), 0 );
+ errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
} else {
errcode = 1;
}
if ( rc != SECSuccess ) {
errcode = PORT_GetError();
if ( securitydirs[ii] != lt->lt_cacertdir) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS: could not initialize moznss using security dir %s prefix %s - error %d.\n",
realcertdir, prefix, errcode );
}
} else {
/* success */
- Debug( LDAP_DEBUG_TRACE, "TLS: using moznss security dir %s prefix %s.\n",
- realcertdir, prefix, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "TLS: using moznss security dir %s prefix %s.\n",
+ realcertdir, prefix );
errcode = 0;
done = 1;
}
#endif
if ( rc != SECSuccess ) {
errcode = PORT_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: could not initialize moznss - error %d:%s.\n",
- errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ), 0 );
+ errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
return -1;
}
}
/* initialize the PEM module */
if ( tlsm_init_pem_module() ) {
int pem_errcode = PORT_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: could not initialize moznss PEM module - error %d:%s.\n",
- pem_errcode, PR_ErrorToString( pem_errcode, PR_LANGUAGE_I_DEFAULT ), 0 );
+ pem_errcode, PR_ErrorToString( pem_errcode, PR_LANGUAGE_I_DEFAULT ) );
if ( errcode ) /* PEM is required */
return -1;
char *realcertdir = NULL;
char *prefix = NULL;
tlsm_get_certdb_prefix( lt->lt_cacertdir, &realcertdir, &prefix );
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS: could not initialize moznss using security dir %s prefix %s - error %d.\n",
realcertdir, prefix ? prefix : "", errcode );
if ( realcertdir != lt->lt_cacertdir ) {
/* register cleanup function */
if ( tlsm_register_nss_shutdown() ) {
errcode = PORT_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: could not register NSS shutdown function: %d:%s\n",
- errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ), 0 );
+ errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
return -1;
}
rc = tlsm_find_and_verify_cert_key(ctx);
ctx->tc_warn_only = saveval;
if ( rc ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: error: unable to set up client certificate authentication for "
- "certificate named %s\n", tlsm_ctx_subject_name(ctx), 0, 0 );
+ "certificate named %s\n", tlsm_ctx_subject_name(ctx) );
return -1;
}
if ( c->tc_certdb_slot ) {
if ( SECMOD_CloseUserDB( c->tc_certdb_slot ) ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: could not close certdb slot - error %d:%s.\n",
- errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ), 0 );
+ errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
}
}
if ( c->tc_pin_file ) {
if ( c->tc_initctx ) {
if ( NSS_ShutdownContext( c->tc_initctx ) ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: could not shutdown NSS - error %d:%s.\n",
- errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ), 0 );
+ errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
}
}
c->tc_initctx = NULL;
struct ldaptls *lt;
if ( tlsm_deferred_init( ctx ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not perform TLS system initialization.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not perform TLS system initialization.\n" );
return -1;
}
if ( !ctx->tc_model ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: could perform TLS socket I/O layer initialization - error %d:%s.\n",
- err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ), NULL );
+ err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ) );
if ( fd ) {
PR_Close( fd );
}
if ( SSL_SetPKCS11PinArg(ctx->tc_model, ctx) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set pin prompt argument\n", 0, 0, 0);
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set pin prompt argument\n" );
return -1;
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_SECURITY, PR_TRUE ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set secure mode on.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set secure mode on.\n" );
return -1;
}
sslv3 = PR_FALSE;
} else if ( lt->lt_protocol_min <= LDAP_OPT_X_TLS_PROTOCOL_SSL2 ) {
sslv2 = PR_TRUE;
- Debug( LDAP_DEBUG_ANY,
+ Debug0( LDAP_DEBUG_ANY,
"TLS: warning: minimum TLS protocol level set to "
- "include SSLv2 - SSLv2 is insecure - do not use\n", 0, 0, 0 );
+ "include SSLv2 - SSLv2 is insecure - do not use\n" );
}
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_ENABLE_SSL2, sslv2 ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set SSLv2 mode on.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set SSLv2 mode on.\n" );
return -1;
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_ENABLE_SSL3, sslv3 ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set SSLv3 mode on.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set SSLv3 mode on.\n" );
return -1;
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_ENABLE_TLS, tlsv1 ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set TLSv1 mode on.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set TLSv1 mode on.\n" );
return -1;
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_HANDSHAKE_AS_CLIENT, !ctx->tc_is_server ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set handshake as client.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set handshake as client.\n" );
return -1;
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_HANDSHAKE_AS_SERVER, ctx->tc_is_server ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set handshake as server.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set handshake as server.\n" );
return -1;
}
if ( lt->lt_ciphersuite ) {
if ( tlsm_parse_ciphers( ctx, lt->lt_ciphersuite ) ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not set cipher list %s.\n",
- lt->lt_ciphersuite, 0, 0 );
+ lt->lt_ciphersuite );
return -1;
}
} else if ( tlsm_parse_ciphers( ctx, "DEFAULT" ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set cipher list DEFAULT.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set cipher list DEFAULT.\n" );
return -1;
}
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_REQUEST_CERTIFICATE, request_cert ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set request certificate mode.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set request certificate mode.\n" );
return -1;
}
if ( SECSuccess != SSL_OptionSet( ctx->tc_model, SSL_REQUIRE_CERTIFICATE, require_cert ) ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not set require certificate mode.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not set require certificate mode.\n" );
return -1;
}
if ( !ctx->tc_certificate ) {
PRErrorCode errcode = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: error: the certificate '%s' could not be found in the database - error %d:%s.\n",
lt->lt_certfile, errcode, PR_ErrorToString( errcode, PR_LANGUAGE_I_DEFAULT ) );
}
if ( !ctx->tc_certificate ) {
if ( !pem_module && tlsm_init_pem_module() ) {
int pem_errcode = PORT_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: fallback to PEM impossible, module cannot be loaded - error %d:%s.\n",
- pem_errcode, PR_ErrorToString( pem_errcode, PR_LANGUAGE_I_DEFAULT ), 0 );
+ pem_errcode, PR_ErrorToString( pem_errcode, PR_LANGUAGE_I_DEFAULT ) );
return -1;
}
}
if ( ctx->tc_certificate ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: certificate '%s' successfully loaded from %s.\n", lt->lt_certfile,
- ctx->tc_using_pem ? "PEM file" : "moznss database", 0);
+ ctx->tc_using_pem ? "PEM file" : "moznss database" );
} else {
return -1;
}
if ( !ctx->tc_is_server ) {
if ( SSL_OptionSet( ctx->tc_model, SSL_NO_CACHE, PR_TRUE ) != SECSuccess ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: error: could not set nocache option for moznss - error %d:%s\n",
- err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ), NULL );
+ err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ) );
return -1;
}
if ( SSL_BadCertHook( ctx->tc_model, tlsm_bad_cert_handler, ctx ) != SECSuccess ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: error: could not set bad cert handler for moznss - error %d:%s\n",
- err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ), NULL );
+ err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ) );
return -1;
}
*/
if ( ctx->tc_certificate ) {
if ( tlsm_clientauth_init( ctx ) ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: error: unable to set up client certificate authentication using '%s'\n",
- tlsm_ctx_subject_name(ctx), 0, 0 );
+ tlsm_ctx_subject_name(ctx) );
return -1;
}
}
/* must have a certificate for the server to use */
if ( !ctx->tc_certificate ) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: error: no server certificate: must specify a certificate for the server to use\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: error: no server certificate: must specify a certificate for the server to use\n" );
return -1;
}
if ( tlsm_find_and_verify_cert_key( ctx ) ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: error: unable to find and verify server's cert and key for certificate %s\n",
- tlsm_ctx_subject_name(ctx), 0, 0 );
+ tlsm_ctx_subject_name(ctx) );
return -1;
}
if ( SECSuccess != status ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: error: unable to configure secure server using certificate '%s' - error %d:%s\n",
tlsm_ctx_subject_name(ctx), err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ) );
return -1;
if ( SSL_AuthCertificateHook( ctx->tc_model, tlsm_auth_cert_handler,
ctx ) != SECSuccess ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: error: could not set auth cert handler for moznss - error %d:%s\n",
- err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ), NULL );
+ err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ) );
return -1;
}
if ( SSL_HandshakeCallback( ctx->tc_model, tlsm_handshake_complete_cb, ctx ) ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: error: could not set handshake callback for moznss - error %d:%s\n",
- err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ), NULL );
+ err, PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ) );
return -1;
}
LDAP_MUTEX_UNLOCK( &tlsm_init_mutex );
if ( PR_SUCCESS != status ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: error: could not initialize moznss security context - error %d:%s\n",
- err, PR_ErrorToString(err, PR_LANGUAGE_I_DEFAULT), NULL );
+ err, PR_ErrorToString(err, PR_LANGUAGE_I_DEFAULT) );
return NULL;
}
rc = SSL_ResetHandshake( session, is_server );
if ( rc ) {
PRErrorCode err = PR_GetError();
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS: error: new session - reset handshake failure %d - error %d:%s\n",
rc, err,
err ? PR_ErrorToString( err, PR_LANGUAGE_I_DEFAULT ) : "unknown" );
ber_tag_t thetag = LBER_DEFAULT;
/* see if we are blocked because of a bogus packet */
if ( tlsm_is_non_ssl_message( s, &thetag ) ) { /* see if we received a non-SSL message */
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: error: %s - error - received non-SSL message [0x%x]\n",
- op, (unsigned int)thetag, 0 );
+ op, (unsigned int)thetag );
/* reset error to something more descriptive */
PR_SetError( SSL_ERROR_RX_MALFORMED_HELLO_REQUEST, EPROTO );
}
} else {
- Debug( LDAP_DEBUG_ANY,
+ Debug3( LDAP_DEBUG_ANY,
"TLS: error: %s - force handshake failure: errno %d - moznss error %d\n",
op, errno, err );
}
cert = SSL_PeerCertificate( s );
if (!cert) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get peer certificate.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: unable to get peer certificate.\n" );
/* if this was a fatal condition, things would have
* aborted long before now.
*/
}
}
if ( ret != LDAP_SUCCESS ) {
- Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
+ Debug2( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
"common name in certificate (%s).\n",
- name, buf, 0 );
+ name, buf );
ret = LDAP_CONNECT_ERROR;
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
if ( errno == EAGAIN || errno == EWOULDBLOCK ) {
p->nonblock = PR_TRUE; /* fd is using non-blocking io */
} else if ( errno ) { /* real error */
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS: error: tlsm_PR_Recv returned %d - error %d:%s\n",
rc, errno, STRERROR(errno) );
}
if ( errno == EAGAIN || errno == EWOULDBLOCK ) {
p->nonblock = PR_TRUE;
} else if ( errno ) { /* real error */
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS: error: tlsm_PR_Send returned %d - error %d:%s\n",
rc, errno, STRERROR(errno) );
}
if ( lo->ldo_tls_ciphersuite &&
!SSL_CTX_set_cipher_list( ctx, lt->lt_ciphersuite ) )
{
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not set cipher list %s.\n",
- lo->ldo_tls_ciphersuite, 0, 0 );
+ lo->ldo_tls_ciphersuite );
tlso_report_error();
return -1;
}
if ( lo->ldo_tls_cacertfile == NULL && lo->ldo_tls_cacertdir == NULL &&
lo->ldo_tls_cacert.bv_val == NULL ) {
if ( !SSL_CTX_set_default_verify_paths( ctx ) ) {
- Debug( LDAP_DEBUG_ANY, "TLS: "
- "could not use default certificate paths", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "TLS: "
+ "could not use default certificate paths" );
tlso_report_error();
return -1;
}
cert = d2i_X509( NULL, &pp, lo->ldo_tls_cacert.bv_len );
X509_STORE *store = SSL_CTX_get_cert_store( ctx );
if ( !X509_STORE_add_cert( store, cert )) {
- Debug( LDAP_DEBUG_ANY, "TLS: "
- "could not use CA certificate", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "TLS: "
+ "could not use CA certificate" );
tlso_report_error();
return -1;
}
if (( lt->lt_cacertfile || lt->lt_cacertdir ) && !SSL_CTX_load_verify_locations( ctx,
lt->lt_cacertfile, lt->lt_cacertdir ) )
{
- Debug( LDAP_DEBUG_ANY, "TLS: "
+ Debug2( LDAP_DEBUG_ANY, "TLS: "
"could not load verify locations (file:`%s',dir:`%s').\n",
lo->ldo_tls_cacertfile ? lo->ldo_tls_cacertfile : "",
- lo->ldo_tls_cacertdir ? lo->ldo_tls_cacertdir : "",
- 0 );
+ lo->ldo_tls_cacertdir ? lo->ldo_tls_cacertdir : "" );
tlso_report_error();
return -1;
}
/* List of CA names to send to a client */
calist = tlso_ca_list( lt->lt_cacertfile, lt->lt_cacertdir, cert );
if ( !calist ) {
- Debug( LDAP_DEBUG_ANY, "TLS: "
+ Debug2( LDAP_DEBUG_ANY, "TLS: "
"could not load client CA list (file:`%s',dir:`%s').\n",
lo->ldo_tls_cacertfile ? lo->ldo_tls_cacertfile : "",
- lo->ldo_tls_cacertdir ? lo->ldo_tls_cacertdir : "",
- 0 );
+ lo->ldo_tls_cacertdir ? lo->ldo_tls_cacertdir : "" );
tlso_report_error();
return -1;
}
const unsigned char *pp = lo->ldo_tls_cert.bv_val;
X509 *cert = d2i_X509( NULL, &pp, lo->ldo_tls_cert.bv_len );
if ( !SSL_CTX_use_certificate( ctx, cert )) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not use certificate.\n", 0,0,0);
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not use certificate.\n" );
tlso_report_error();
return -1;
}
!SSL_CTX_use_certificate_file( ctx,
lt->lt_certfile, SSL_FILETYPE_PEM ) )
{
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not use certificate file `%s'.\n",
- lo->ldo_tls_certfile,0,0);
+ lo->ldo_tls_certfile );
tlso_report_error();
return -1;
}
EVP_PKEY *pkey = d2i_AutoPrivateKey( NULL, &pp, lo->ldo_tls_key.bv_len );
if ( !SSL_CTX_use_PrivateKey( ctx, pkey ))
{
- Debug( LDAP_DEBUG_ANY,
- "TLS: could not use private key.\n", 0,0,0);
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: could not use private key.\n" );
tlso_report_error();
return -1;
}
!SSL_CTX_use_PrivateKey_file( ctx,
lt->lt_keyfile, SSL_FILETYPE_PEM ) )
{
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not use key file `%s'.\n",
- lo->ldo_tls_keyfile,0,0);
+ lo->ldo_tls_keyfile );
tlso_report_error();
return -1;
}
BIO *bio;
if (( bio=BIO_new_file( lt->lt_dhfile,"r" )) == NULL ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not use DH parameters file `%s'.\n",
- lo->ldo_tls_dhfile,0,0);
+ lo->ldo_tls_dhfile );
tlso_report_error();
return -1;
}
if (!( dh=PEM_read_bio_DHparams( bio, NULL, NULL, NULL ))) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not read DH parameters file `%s'.\n",
- lo->ldo_tls_dhfile,0,0);
+ lo->ldo_tls_dhfile );
tlso_report_error();
BIO_free( bio );
return -1;
if ( is_server && lo->ldo_tls_ecname ) {
#ifdef OPENSSL_NO_EC
- Debug( LDAP_DEBUG_ANY,
- "TLS: Elliptic Curves not supported.\n", 0,0,0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: Elliptic Curves not supported.\n" );
return -1;
#else
EC_KEY *ecdh;
int nid = OBJ_sn2nid( lt->lt_ecname );
if ( nid == NID_undef ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not use EC name `%s'.\n",
- lo->ldo_tls_ecname,0,0);
+ lo->ldo_tls_ecname );
tlso_report_error();
return -1;
}
ecdh = EC_KEY_new_by_curve_name( nid );
if ( ecdh == NULL ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS: could not generate key for EC name `%s'.\n",
- lo->ldo_tls_ecname,0,0);
+ lo->ldo_tls_ecname );
tlso_report_error();
return -1;
}
x = tlso_get_cert(s);
if (!x) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get peer certificate.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: unable to get peer certificate.\n" );
/* If this was a fatal condition, things would have
* aborted long before now.
*/
if( !cn )
{
no_cn:
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get common name from peer certificate.\n",
- 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: unable to get common name from peer certificate.\n" );
ret = LDAP_CONNECT_ERROR;
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
}
if( ret == LDAP_LOCAL_ERROR ) {
- Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
+ Debug3( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
"common name in certificate (%.*s).\n",
name, cn->length, cn->data );
ret = LDAP_CONNECT_ERROR;
md = EVP_get_digestbyname( hashalg );
if ( !md ) {
- Debug( LDAP_DEBUG_TRACE, "tlso_session_pinning: "
- "hash %s not recognised by OpenSSL\n", hashalg, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "tlso_session_pinning: "
+ "hash %s not recognised by OpenSSL\n", hashalg );
rc = -1;
goto done;
}
if ( ber_bvcmp( hash, &keyhash ) ) {
rc = LDAP_CONNECT_ERROR;
- Debug( LDAP_DEBUG_ANY, "tlso_session_pinning: "
- "public key hash does not match provided pin.\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_ANY, "tlso_session_pinning: "
+ "public key hash does not match provided pin.\n" );
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
}
}
#endif
if ( where & SSL_CB_LOOP ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"TLS trace: %s:%s\n",
- op, state, 0 );
+ op, state );
} else if ( where & SSL_CB_ALERT ) {
char *atype = (char *) SSL_alert_type_string_long( ret );
__etoa( adesc );
}
#endif
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS trace: SSL3 alert %s:%s:%s\n",
op, atype, adesc );
#ifdef HAVE_EBCDIC
#endif
} else if ( where & SSL_CB_EXIT ) {
if ( ret == 0 ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"TLS trace: %s:failed in %s\n",
- op, state, 0 );
+ op, state );
} else if ( ret < 0 ) {
- Debug( LDAP_DEBUG_TRACE,
+ Debug2( LDAP_DEBUG_TRACE,
"TLS trace: %s:error in %s\n",
- op, state, 0 );
+ op, state );
}
}
#ifdef HAVE_EBCDIC
__etoa( certerr );
}
#endif
- Debug( LDAP_DEBUG_TRACE,
+ Debug3( LDAP_DEBUG_TRACE,
"TLS certificate verification: depth: %d, err: %d, subject: %s,",
errdepth, errnum,
sname ? sname : "-unknown-" );
- Debug( LDAP_DEBUG_TRACE, " issuer: %s\n", iname ? iname : "-unknown-", 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, " issuer: %s\n", iname ? iname : "-unknown-" );
if ( !ok ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug1( LDAP_DEBUG_ANY,
"TLS certificate verification: Error, %s\n",
- certerr, 0, 0 );
+ certerr );
}
if ( sname )
OPENSSL_free ( sname );
}
__etoa( buf );
#endif
- Debug( LDAP_DEBUG_ANY, "TLS: %s %s:%d\n",
+ Debug3( LDAP_DEBUG_ANY, "TLS: %s %s:%d\n",
buf, file, line );
#ifdef HAVE_EBCDIC
if ( file ) LDAP_FREE( (void *)file );
#endif
if ( !tmp_rsa ) {
- Debug( LDAP_DEBUG_ANY,
+ Debug2( LDAP_DEBUG_ANY,
"TLS: Failed to generate temporary %d-bit %s RSA key\n",
- key_length, is_export ? "export" : "domestic", 0 );
+ key_length, is_export ? "export" : "domestic" );
}
return tmp_rsa;
}
#endif
if (randfile == NULL) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: Use configuration file or $RANDFILE to define seed PRNG\n",
- 0, 0, 0);
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: Use configuration file or $RANDFILE to define seed PRNG\n" );
return -1;
}
total = RAND_load_file(randfile, -1);
if (RAND_status() == 0) {
- Debug( LDAP_DEBUG_ANY,
- "TLS: PRNG not been seeded with enough data\n",
- 0, 0, 0);
+ Debug0( LDAP_DEBUG_ANY,
+ "TLS: PRNG not been seeded with enough data\n" );
return -1;
}
int
ldap_unbind( LDAP *ld )
{
- Debug( LDAP_DEBUG_TRACE, "ldap_unbind\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_unbind\n" );
return( ldap_unbind_ext( ld, NULL, NULL ) );
}
BerElement *ber;
ber_int_t id;
- Debug( LDAP_DEBUG_TRACE, "ldap_send_unbind\n", 0, 0, 0 );
+ Debug0( LDAP_DEBUG_TRACE, "ldap_send_unbind\n" );
#ifdef LDAP_CONNECTIONLESS
if (LDAP_IS_UDP(ld))
* because a call to LDAP_INT_GLOBAL_OPT() will try to allocate
* the options and cause infinite recursion
*/
- Debug( LDAP_DEBUG_TRACE, "ldap_url_parse_ext(%s)\n", url_in, 0, 0 );
+ Debug1( LDAP_DEBUG_TRACE, "ldap_url_parse_ext(%s)\n", url_in );
#endif
*ludpp = NULL; /* pessimistic */
buflen, result, herrno_ptr );
#endif
- Debug( LDAP_DEBUG_TRACE, "ldap_pvt_gethostbyname_a: host=%s, r=%d\n",
- name, r, 0 );
+ Debug2( LDAP_DEBUG_TRACE, "ldap_pvt_gethostbyname_a: host=%s, r=%d\n",
+ name, r );
#ifdef NETDB_INTERNAL
if ((r<0) &&
projects / thirdparty / openldap.git / commitdiff
