Improve LDAP KDB initialization error messages

In krb5_ldap_initialize, don't just blat the LDAP error into the
extended message; give an indication of which LDAP operation we were
trying to do and show what parameters we gave to it.

(Also, krb5_set_error_message can handle a null context argument, so
don't bother to check before calling.)

ticket: 7739 (new)
target_version: 1.12
tags: pullup

diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
index 02fbadc421ff75b9f821cc9348ffa1c76391b142..b2730d689d5d9ff4ef9dd992444d8292354ed3a6 100644 (file)
--- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
+++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
@@ -113,9 +113,9 @@ krb5_ldap_initialize(krb5_ldap_context *ldap_context,
 
     /* ldap init */
     if ((st = ldap_initialize(&ldap_server_handle->ldap_handle, server_info->server_name)) != 0) {
-        if (ldap_context->kcontext)
-            krb5_set_error_message (ldap_context->kcontext, KRB5_KDB_ACCESS_ERROR, "%s",
-                                    ldap_err2string(st));
+        krb5_set_error_message(ldap_context->kcontext, KRB5_KDB_ACCESS_ERROR,
+                               _("Cannot create LDAP handle for '%s': %s"),
+                               server_info->server_name, ldap_err2string(st));
         st = KRB5_KDB_ACCESS_ERROR;
         goto err_out;
     }
@@ -125,10 +125,10 @@ krb5_ldap_initialize(krb5_ldap_context *ldap_context,
         server_info->server_status = ON;
         krb5_update_ldap_handle(ldap_server_handle, server_info);
     } else {
-        if (ldap_context->kcontext)
-            krb5_set_error_message (ldap_context->kcontext,
-                                    KRB5_KDB_ACCESS_ERROR, "%s",
-                                    ldap_err2string(st));
+        krb5_set_error_message(ldap_context->kcontext, KRB5_KDB_ACCESS_ERROR,
+                               _("Cannot bind to LDAP server '%s' as '%s'"
+                                 ": %s"), server_info->server_name,
+                               ldap_context->bind_dn, ldap_err2string(st));
         st = KRB5_KDB_ACCESS_ERROR;
         server_info->server_status = OFF;
         time(&server_info->downtime);