Is there any reason we don't use ldap_err2string() to get readable error
messages from LDAP, instead something like "error code 49"?  It's
already used in some places, so it's apparently OK to use.  Proposed
patch attached.
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index c765454..74036e2 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -2037,8 +2037,7 @@ static int pam_passwd_conv_proc(int num_msg, const struct 
pam_message ** msg,
        {
 #ifndef WIN32
                ereport(LOG,
-                               (errmsg("could not initialize LDAP: error code 
%d",
-                                               errno)));
+                               (errmsg("could not initialize LDAP: %m")));
 #else
                ereport(LOG,
                                (errmsg("could not initialize LDAP: error code 
%d",
@@ -2051,7 +2050,7 @@ static int pam_passwd_conv_proc(int num_msg, const struct 
pam_message ** msg,
        {
                ldap_unbind(*ldap);
                ereport(LOG,
-                 (errmsg("could not set LDAP protocol version: error code %d", 
r)));
+                 (errmsg("could not set LDAP protocol version: %s", 
ldap_err2string(r))));
                return STATUS_ERROR;
        }
 
@@ -2104,7 +2103,7 @@ static int pam_passwd_conv_proc(int num_msg, const struct 
pam_message ** msg,
                {
                        ldap_unbind(*ldap);
                        ereport(LOG,
-                        (errmsg("could not start LDAP TLS session: error code 
%d", r)));
+                        (errmsg("could not start LDAP TLS session: %s", 
ldap_err2string(r))));
                        return STATUS_ERROR;
                }
        }
@@ -2193,8 +2192,8 @@ static int pam_passwd_conv_proc(int num_msg, const struct 
pam_message ** msg,
                if (r != LDAP_SUCCESS)
                {
                        ereport(LOG,
-                                       (errmsg("could not perform initial LDAP 
bind for ldapbinddn \"%s\" on server \"%s\": error code %d",
-                                                 port->hba->ldapbinddn, 
port->hba->ldapserver, r)));
+                                       (errmsg("could not perform initial LDAP 
bind for ldapbinddn \"%s\" on server \"%s\": %s",
+                                                 port->hba->ldapbinddn, 
port->hba->ldapserver, ldap_err2string(r))));
                        return STATUS_ERROR;
                }
 
@@ -2218,8 +2217,8 @@ static int pam_passwd_conv_proc(int num_msg, const struct 
pam_message ** msg,
                if (r != LDAP_SUCCESS)
                {
                        ereport(LOG,
-                                       (errmsg("could not search LDAP for 
filter \"%s\" on server \"%s\": error code %d",
-                                                       filter, 
port->hba->ldapserver, r)));
+                                       (errmsg("could not search LDAP for 
filter \"%s\" on server \"%s\": %s",
+                                                       filter, 
port->hba->ldapserver, ldap_err2string(r))));
                        pfree(filter);
                        return STATUS_ERROR;
                }
@@ -2306,8 +2305,8 @@ static int pam_passwd_conv_proc(int num_msg, const struct 
pam_message ** msg,
        if (r != LDAP_SUCCESS)
        {
                ereport(LOG,
-                               (errmsg("LDAP login failed for user \"%s\" on 
server \"%s\": error code %d",
-                                               fulluser, 
port->hba->ldapserver, r)));
+                               (errmsg("LDAP login failed for user \"%s\" on 
server \"%s\": %s",
+                                               fulluser, 
port->hba->ldapserver, ldap_err2string(r))));
                pfree(fulluser);
                return STATUS_ERROR;
        }
-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to