From f899952c08a72bd2f7e86f6fd35086749ee48b73 Mon Sep 17 00:00:00 2001
From: Arthur de Jong <arthur@arthurdejong.org>
Date: Fri, 9 Sep 2011 16:08:44 +0000
Subject: make validation log messages consistent

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1542 ef36b2f9-881f-0410-afb5-c4e39611909c
---
 nslcd/alias.c    |  4 ++--
 nslcd/attmap.c   |  4 ++--
 nslcd/common.c   |  6 ++++--
 nslcd/common.h   |  7 ++++---
 nslcd/ether.c    |  4 ++--
 nslcd/group.c    | 16 ++++++++--------
 nslcd/host.c     |  6 +++---
 nslcd/netgroup.c | 27 ++++++++++++++++-----------
 nslcd/network.c  |  6 +++---
 nslcd/pam.c      | 35 +++++++++++++++++++++--------------
 nslcd/passwd.c   | 37 ++++++++++++++++++++-----------------
 nslcd/protocol.c | 10 +++++-----
 nslcd/rpc.c      | 10 +++++-----
 nslcd/service.c  | 12 ++++++------
 nslcd/shadow.c   | 26 +++++++++++++-------------
 15 files changed, 114 insertions(+), 96 deletions(-)

diff --git a/nslcd/alias.c b/nslcd/alias.c
index f20537c..f75a570 100644
--- a/nslcd/alias.c
+++ b/nslcd/alias.c
@@ -5,7 +5,7 @@
 
    Copyright (C) 1997-2005 Luke Howard
    Copyright (C) 2006 West Consulting
-   Copyright (C) 2006, 2007, 2009, 2010 Arthur de Jong
+   Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -100,7 +100,7 @@ static int write_alias(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqalias)
   names=myldap_get_values(entry,attmap_alias_cn);
   if ((names==NULL)||(names[0]==NULL))
   {
-    log_log(LOG_WARNING,"alias entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_alias_cn);
     return 0;
   }
diff --git a/nslcd/attmap.c b/nslcd/attmap.c
index d4eb3ba..6128ffb 100644
--- a/nslcd/attmap.c
+++ b/nslcd/attmap.c
@@ -2,7 +2,7 @@
    attmap.c - attribute mapping values and functions
    This file is part of the nss-pam-ldapd library.
 
-   Copyright (C) 2007, 2008, 2009, 2010 Arthur de Jong
+   Copyright (C) 2007, 2008, 2009, 2010, 2011 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -247,7 +247,7 @@ static const char *entry_expand(const char *name,void *expander_attr)
   /* TODO: handle userPassword attribute specially */
   if ((values[0]!=NULL)&&(values[1]!=NULL))
   {
-    log_log(LOG_WARNING,"entry %s contains multiple %s values",
+    log_log(LOG_WARNING,"%s: %s: multiple values",
                         myldap_get_dn(entry),name);
   }
   return values[0];
diff --git a/nslcd/common.c b/nslcd/common.c
index 264439a..0c8c1a4 100644
--- a/nslcd/common.c
+++ b/nslcd/common.c
@@ -150,7 +150,8 @@ int isvalidname(const char *name)
 }
 
 /* this writes a single address to the stream */
-int write_address(TFILE *fp,const char *addr)
+int write_address(TFILE *fp,MYLDAP_ENTRY *entry,const char *attr,
+                  const char *addr)
 {
   int32_t tmpint32;
   struct in_addr ipv4addr;
@@ -179,7 +180,8 @@ int write_address(TFILE *fp,const char *addr)
     /* failure, log but write simple invalid address
        (otherwise the address list is messed up) */
     /* TODO: have error message in correct format */
-    log_log(LOG_WARNING,"unparseble address: %s",addr);
+    log_log(LOG_WARNING,"%s: %s: \"%s\" unparseble",
+                        myldap_get_dn(entry),attmap_ether_cn,addr);
     /* write an illegal address type */
     WRITE_INT32(fp,-1);
     /* write an emtpy address */
diff --git a/nslcd/common.h b/nslcd/common.h
index 63a535f..b9dc6fc 100644
--- a/nslcd/common.h
+++ b/nslcd/common.h
@@ -68,11 +68,12 @@ const char *get_userpassword(MYLDAP_ENTRY *entry,const char *attr,
                              char *buffer,size_t buflen);
 
 /* write out an address, parsing the addr value */
-int write_address(TFILE *fp,const char *addr);
+int write_address(TFILE *fp,MYLDAP_ENTRY *entry,const char *attr,
+                  const char *addr);
 
 /* a helper macro to write out addresses and bail out on errors */
-#define WRITE_ADDRESS(fp,addr) \
-  if (write_address(fp,addr)) \
+#define WRITE_ADDRESS(fp,entry,attr,addr) \
+  if (write_address(fp,entry,attr,addr)) \
     return -1;
 
 /* read an address from the stream */
diff --git a/nslcd/ether.c b/nslcd/ether.c
index 59e1501..9ba6d1b 100644
--- a/nslcd/ether.c
+++ b/nslcd/ether.c
@@ -123,7 +123,7 @@ static int write_ether(TFILE *fp,MYLDAP_ENTRY *entry,
   names=myldap_get_values(entry,attmap_ether_cn);
   if ((names==NULL)||(names[0]==NULL))
   {
-    log_log(LOG_WARNING,"ether entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_ether_cn);
     return 0;
   }
@@ -139,7 +139,7 @@ static int write_ether(TFILE *fp,MYLDAP_ENTRY *entry,
     ethers=myldap_get_values(entry,attmap_ether_macAddress);
     if ((ethers==NULL)||(ethers[0]==NULL))
     {
-      log_log(LOG_WARNING,"ether entry %s does not contain %s value",
+      log_log(LOG_WARNING,"%s: %s: missing",
                           myldap_get_dn(entry),attmap_ether_macAddress);
       return 0;
     }
diff --git a/nslcd/group.c b/nslcd/group.c
index 010240a..41d8f8f 100644
--- a/nslcd/group.c
+++ b/nslcd/group.c
@@ -184,8 +184,8 @@ static int do_write_group(
   {
     if (!isvalidname(names[i]))
     {
-      log_log(LOG_WARNING,"group entry %s name denied by validnames option: \"%s\"",
-                          myldap_get_dn(entry),names[i]);
+      log_log(LOG_WARNING,"%s: %s: denied by validnames option",
+                          myldap_get_dn(entry),attmap_group_cn);
     }
     else if ((reqname==NULL)||(strcmp(reqname,names[i])==0))
     {
@@ -255,7 +255,7 @@ static int write_group(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname,
   names=myldap_get_values(entry,attmap_group_cn);
   if ((names==NULL)||(names[0]==NULL))
   {
-    log_log(LOG_WARNING,"group entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_group_cn);
     return 0;
   }
@@ -270,7 +270,7 @@ static int write_group(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname,
     gidvalues=myldap_get_values_len(entry,attmap_group_gidNumber);
     if ((gidvalues==NULL)||(gidvalues[0]==NULL))
     {
-      log_log(LOG_WARNING,"group entry %s does not contain %s value",
+      log_log(LOG_WARNING,"%s: %s: missing",
                           myldap_get_dn(entry),attmap_group_gidNumber);
       return 0;
     }
@@ -284,13 +284,13 @@ static int write_group(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname,
         gids[numgids]=strtogid(gidvalues[numgids],&tmp,0);
         if ((*(gidvalues[numgids])=='\0')||(*tmp!='\0'))
         {
-          log_log(LOG_WARNING,"group entry %s contains non-numeric %s value",
+          log_log(LOG_WARNING,"%s: %s: non-numeric",
                               myldap_get_dn(entry),attmap_group_gidNumber);
           return 0;
         }
         else if (errno!=0)
         {
-          log_log(LOG_WARNING,"group entry %s contains too large %s value",
+          log_log(LOG_WARNING,"%s: %s: too large",
                               myldap_get_dn(entry),attmap_group_gidNumber);
           return 0;
         }
@@ -322,7 +322,7 @@ NSLCD_HANDLE(
   READ_STRING(fp,name);
   log_setrequest("group=\"%s\"",name);
   if (!isvalidname(name)) {
-    log_log(LOG_WARNING,"\"%s\": name denied by validnames option",name);
+    log_log(LOG_WARNING,"request denied by validnames option");
     return -1;
   },
   NSLCD_ACTION_GROUP_BYNAME,
@@ -349,7 +349,7 @@ NSLCD_HANDLE(
   log_setrequest("group/member=\"%s\"",name);
   if (!isvalidname(name))
   {
-    log_log(LOG_WARNING,"\"%s\": name denied by validnames option",name);
+    log_log(LOG_WARNING,"request denied by validnames option");
     return -1;
   }
   if ((nslcd_cfg->ldc_nss_initgroups_ignoreusers!=NULL)&&
diff --git a/nslcd/host.c b/nslcd/host.c
index 994a7e2..bded3fd 100644
--- a/nslcd/host.c
+++ b/nslcd/host.c
@@ -122,7 +122,7 @@ static int write_host(TFILE *fp,MYLDAP_ENTRY *entry)
   hostnames=myldap_get_values(entry,attmap_host_cn);
   if ((hostnames==NULL)||(hostnames[0]==NULL))
   {
-    log_log(LOG_WARNING,"host entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_host_cn);
     return 0;
   }
@@ -133,7 +133,7 @@ static int write_host(TFILE *fp,MYLDAP_ENTRY *entry)
   addresses=myldap_get_values(entry,attmap_host_ipHostNumber);
   if ((addresses==NULL)||(addresses[0]==NULL))
   {
-    log_log(LOG_WARNING,"host entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_host_ipHostNumber);
     return 0;
   }
@@ -146,7 +146,7 @@ static int write_host(TFILE *fp,MYLDAP_ENTRY *entry)
   WRITE_INT32(fp,numaddr);
   for (i=0;i<numaddr;i++)
   {
-    WRITE_ADDRESS(fp,addresses[i]);
+    WRITE_ADDRESS(fp,entry,attmap_host_ipHostNumber,addresses[i]);
   }
   return 0;
 }
diff --git a/nslcd/netgroup.c b/nslcd/netgroup.c
index 27bc531..d8873f9 100644
--- a/nslcd/netgroup.c
+++ b/nslcd/netgroup.c
@@ -5,7 +5,7 @@
 
    Copyright (C) 1997-2005 Luke Howard
    Copyright (C) 2006 West Consulting
-   Copyright (C) 2006, 2007, 2009, 2010 Arthur de Jong
+   Copyright (C) 2006, 2007, 2009, 2010, 2011 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -129,7 +129,7 @@ static int write_string_stripspace_len(TFILE *fp,const char *str,int len)
 #define WRITE_STRING_STRIPSPACE(fp,str) \
   WRITE_STRING_STRIPSPACE_LEN(fp,str,strlen(str))
 
-static int write_netgroup_triple(TFILE *fp,const char *triple)
+static int write_netgroup_triple(TFILE *fp,MYLDAP_ENTRY *entry,const char *triple)
 {
   int32_t tmpint32;
   int i;
@@ -140,7 +140,8 @@ static int write_netgroup_triple(TFILE *fp,const char *triple)
   /* we should have a bracket now */
   if (triple[i]!='(')
   {
-    log_log(LOG_WARNING,"write_netgroup_triple(): entry does not begin with '(' (entry skipped)");
+    log_log(LOG_WARNING,"%s: %s: does not begin with '('",
+                        myldap_get_dn(entry),attmap_netgroup_nisNetgroupTriple);
     return 0;
   }
   i++;
@@ -150,7 +151,8 @@ static int write_netgroup_triple(TFILE *fp,const char *triple)
     /* nothing else to do */ ;
   if (triple[i]!=',')
   {
-    log_log(LOG_WARNING,"write_netgroup_triple(): missing ',' (entry skipped)");
+    log_log(LOG_WARNING,"%s: %s: missing ','",
+                        myldap_get_dn(entry),attmap_netgroup_nisNetgroupTriple);
     return 0;
   }
   hoste=i;
@@ -161,7 +163,8 @@ static int write_netgroup_triple(TFILE *fp,const char *triple)
     /* nothing else to do */ ;
   if (triple[i]!=',')
   {
-    log_log(LOG_WARNING,"write_netgroup_triple(): missing ',' (entry skipped)");
+    log_log(LOG_WARNING,"%s: %s: missing ','",
+                        myldap_get_dn(entry),attmap_netgroup_nisNetgroupTriple);
     return 0;
   }
   usere=i;
@@ -172,7 +175,8 @@ static int write_netgroup_triple(TFILE *fp,const char *triple)
     /* nothing else to do */ ;
   if (triple[i]!=')')
   {
-    log_log(LOG_WARNING,"write_netgroup_triple(): missing ')' (entry skipped)");
+    log_log(LOG_WARNING,"%s: %s: missing ')'",
+                        myldap_get_dn(entry),attmap_netgroup_nisNetgroupTriple);
     return 0;
   }
   domaine=i;
@@ -183,7 +187,8 @@ static int write_netgroup_triple(TFILE *fp,const char *triple)
   /* if anything is left in the string we have a problem */
   if (triple[i]!='\0')
   {
-    log_log(LOG_WARNING,"write_netgroup_triple(): string contains trailing data (entry skipped)");
+    log_log(LOG_WARNING,"%s: %s: contains trailing data",
+                        myldap_get_dn(entry),attmap_netgroup_nisNetgroupTriple);
     return 0;
   }
   /* write strings */
@@ -196,11 +201,11 @@ static int write_netgroup_triple(TFILE *fp,const char *triple)
   return 0;
 }
 
-#define WRITE_NETGROUP_TRIPLE(fp,triple) \
-  if (write_netgroup_triple(fp,triple)) \
+#define WRITE_NETGROUP_TRIPLE(fp,entry,triple) \
+  if (write_netgroup_triple(fp,entry,triple)) \
     return -1;
 
-static int write_netgroup(TFILE *fp,MYLDAP_ENTRY *entry, const char *reqname)
+static int write_netgroup(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname)
 {
   int32_t tmpint32;
   int i;
@@ -220,7 +225,7 @@ static int write_netgroup(TFILE *fp,MYLDAP_ENTRY *entry, const char *reqname)
   if (triples!=NULL)
     for (i=0;triples[i]!=NULL;i++)
     {
-      WRITE_NETGROUP_TRIPLE(fp,triples[i]);
+      WRITE_NETGROUP_TRIPLE(fp,entry,triples[i]);
     }
   /* write netgroup members */
   if (members!=NULL)
diff --git a/nslcd/network.c b/nslcd/network.c
index 7fb3cf6..210819e 100644
--- a/nslcd/network.c
+++ b/nslcd/network.c
@@ -120,7 +120,7 @@ static int write_network(TFILE *fp,MYLDAP_ENTRY *entry)
   networknames=myldap_get_values(entry,attmap_network_cn);
   if ((networknames==NULL)||(networknames[0]==NULL))
   {
-    log_log(LOG_WARNING,"network entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_network_cn);
     return 0;
   }
@@ -131,7 +131,7 @@ static int write_network(TFILE *fp,MYLDAP_ENTRY *entry)
   addresses=myldap_get_values(entry,attmap_network_ipNetworkNumber);
   if ((addresses==NULL)||(addresses[0]==NULL))
   {
-    log_log(LOG_WARNING,"network entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_network_ipNetworkNumber);
     return 0;
   }
@@ -144,7 +144,7 @@ static int write_network(TFILE *fp,MYLDAP_ENTRY *entry)
   WRITE_INT32(fp,numaddr);
   for (i=0;i<numaddr;i++)
   {
-    WRITE_ADDRESS(fp,addresses[i]);
+    WRITE_ADDRESS(fp,entry,attmap_network_ipNetworkNumber,addresses[i]);
   }
   return 0;
 }
diff --git a/nslcd/pam.c b/nslcd/pam.c
index dbdf0b5..d0da8e6 100644
--- a/nslcd/pam.c
+++ b/nslcd/pam.c
@@ -62,7 +62,7 @@ static int try_bind(const char *userdn,const char *password)
   {
     if (rc==LDAP_SUCCESS)
       rc=LDAP_LOCAL_ERROR;
-    log_log(LOG_WARNING,"lookup of %s failed: %s",userdn,ldap_err2string(rc));
+    log_log(LOG_WARNING,"%s: lookup failed: %s",userdn,ldap_err2string(rc));
   }
   else
   {
@@ -71,7 +71,7 @@ static int try_bind(const char *userdn,const char *password)
     {
       if (rc==LDAP_SUCCESS)
         rc=LDAP_NO_RESULTS_RETURNED;
-      log_log(LOG_WARNING,"lookup of %s failed: %s",userdn,ldap_err2string(rc));
+      log_log(LOG_WARNING,"%s: lookup failed: %s",userdn,ldap_err2string(rc));
     }
   }
   /* close the session */
@@ -90,7 +90,7 @@ static MYLDAP_ENTRY *validate_user(MYLDAP_SESSION *session,
   /* check username for validity */
   if (!isvalidname(username))
   {
-    log_log(LOG_WARNING,"\"%s\": name denied by validnames option",username);
+    log_log(LOG_WARNING,"request denied by validnames option");
     *rcp=LDAP_NO_SUCH_OBJECT;
     return NULL;
   }
@@ -118,15 +118,15 @@ static void update_username(MYLDAP_ENTRY *entry,char *username,size_t username_l
     /* get the username from the uid attribute */
     values=myldap_get_values(entry,attmap_passwd_uid);
     if ((values==NULL)||(values[0]==NULL))
-      log_log(LOG_WARNING,"\"%s\": DN %s is missing a %s attribute",
-                          username,myldap_get_dn(entry),attmap_passwd_uid);
+      log_log(LOG_WARNING,"%s: %s: missing",
+                          myldap_get_dn(entry),attmap_passwd_uid);
     value=values[0];
   }
   /* check the username */
   if ((value==NULL)||!isvalidname(value)||strlen(value)>=username_len)
   {
-    log_log(LOG_WARNING,"passwd entry %s name denied by validnames option: \"%s\"",
-                        myldap_get_dn(entry),username);
+    log_log(LOG_WARNING,"%s: %s: denied by validnames option",
+                        myldap_get_dn(entry),attmap_passwd_uid);
     return;
   }
   /* check if the username is different and update it if needed */
@@ -159,7 +159,8 @@ static int check_shadow(MYLDAP_SESSION *session,const char *username,
   {
     daysleft=today-expiredate;
     mysnprintf(authzmsg,authzmsgsz-1,"account expired %ld days ago",daysleft);
-    log_log(LOG_WARNING,"%s: %s",myldap_get_dn(entry),authzmsg);
+    log_log(LOG_WARNING,"%s: %s: %s",
+                        myldap_get_dn(entry),attmap_shadow_shadowExpire,authzmsg);
     return NSLCD_PAM_ACCT_EXPIRED;
   }
   /* password expiration isn't interesting at this point because the user
@@ -171,11 +172,13 @@ static int check_shadow(MYLDAP_SESSION *session,const char *username,
     if (lastchangedate==0)
     {
       mysnprintf(authzmsg,authzmsgsz-1,"need a new password");
-      log_log(LOG_WARNING,"%s: %s",myldap_get_dn(entry),authzmsg);
+      log_log(LOG_WARNING,"%s: %s: %s",
+                          myldap_get_dn(entry),attmap_shadow_shadowLastChange,authzmsg);
       return NSLCD_PAM_NEW_AUTHTOK_REQD;
     }
     else if (today<lastchangedate)
-      log_log(LOG_WARNING,"%s: password changed in the future",myldap_get_dn(entry));
+      log_log(LOG_WARNING,"%s: %s: password changed in the future",
+                          myldap_get_dn(entry),attmap_shadow_shadowLastChange);
     else if (maxdays!=-1)
     {
       /* check maxdays */
@@ -198,21 +201,24 @@ static int check_shadow(MYLDAP_SESSION *session,const char *username,
         {
           mysnprintf(authzmsg+strlen(authzmsg),authzmsgsz-strlen(authzmsg)-1,
                      ", account locked %ld days ago",-inactleft);
-          log_log(LOG_WARNING,"%s: %s",myldap_get_dn(entry),authzmsg);
+          log_log(LOG_WARNING,"%s: %s: %s",
+                              myldap_get_dn(entry),attmap_shadow_shadowInactive,authzmsg);
           return NSLCD_PAM_AUTHTOK_EXPIRED;
         }
       }
       if (daysleft<=0)
       {
         /* log previously built message */
-        log_log(LOG_WARNING,"%s: %s",myldap_get_dn(entry),authzmsg);
+        log_log(LOG_WARNING,"%s: %s: %s",
+                            myldap_get_dn(entry),attmap_shadow_shadowMax,authzmsg);
         return NSLCD_PAM_NEW_AUTHTOK_REQD;
       }
       /* check warndays */
       if ((warndays>0)&&(daysleft<=warndays))
       {
         mysnprintf(authzmsg,authzmsgsz-1,"password will expire in %ld days",daysleft);
-        log_log(LOG_WARNING,"%s: %s",myldap_get_dn(entry),authzmsg);
+        log_log(LOG_WARNING,"%s: %s: %s",
+                            myldap_get_dn(entry),attmap_shadow_shadowWarning,authzmsg);
       }
     }
   }
@@ -222,7 +228,8 @@ static int check_shadow(MYLDAP_SESSION *session,const char *username,
     if ((mindays!=-1)&&(daysleft>0))
     {
       mysnprintf(authzmsg,authzmsgsz-1,"password cannot be changed for another %ld days",daysleft);
-      log_log(LOG_WARNING,"%s: %s",myldap_get_dn(entry),authzmsg);
+      log_log(LOG_WARNING,"%s: %s: %s",
+                          myldap_get_dn(entry),attmap_shadow_shadowMin,authzmsg);
       return NSLCD_PAM_AUTHTOK_ERR;
     }
   }
diff --git a/nslcd/passwd.c b/nslcd/passwd.c
index c4ab94c..ab097c6 100644
--- a/nslcd/passwd.c
+++ b/nslcd/passwd.c
@@ -183,7 +183,7 @@ static int entry_has_valid_uid(MYLDAP_ENTRY *entry)
   values=myldap_get_values_len(entry,attmap_passwd_uidNumber);
   if ((values==NULL)||(values[0]==NULL))
   {
-    log_log(LOG_WARNING,"passwd entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_passwd_uidNumber);
     return 0;
   }
@@ -198,13 +198,13 @@ static int entry_has_valid_uid(MYLDAP_ENTRY *entry)
       uid=strtouid(values[i],&tmp,0);
       if ((*(values[i])=='\0')||(*tmp!='\0'))
       {
-        log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
+        log_log(LOG_WARNING,"%s: %s: non-numeric",
                             myldap_get_dn(entry),attmap_passwd_uidNumber);
         continue;
       }
       else if (errno!=0)
       {
-        log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+        log_log(LOG_WARNING,"%s: %s: too large",
                             myldap_get_dn(entry),attmap_passwd_uidNumber);
         continue;
       }
@@ -235,14 +235,14 @@ char *lookup_dn2uid(MYLDAP_SESSION *session,const char *dn,int *rcp,char *buf,si
   search=myldap_search(session,dn,LDAP_SCOPE_BASE,passwd_filter,attrs,rcp);
   if (search==NULL)
   {
-    log_log(LOG_WARNING,"lookup of user %s failed: %s",dn,ldap_err2string(*rcp));
+    log_log(LOG_WARNING,"%s: lookup error: %s",dn,ldap_err2string(*rcp));
     return NULL;
   }
   entry=myldap_get_entry(search,rcp);
   if (entry==NULL)
   {
     if (*rcp!=LDAP_SUCCESS)
-      log_log(LOG_WARNING,"lookup of user %s failed: %s",dn,ldap_err2string(*rcp));
+      log_log(LOG_WARNING,"%s: lookup error: %s",dn,ldap_err2string(*rcp));
     return NULL;
   }
   /* check the uidNumber attribute if min_uid is set */
@@ -423,7 +423,10 @@ static inline void check_nsswitch_reload(void)
 static inline int shadow_uses_ldap(void)
 {
   if (cached_shadow_uses_ldap==CACHED_UNKNOWN)
+  {
+    log_log(LOG_INFO,"(re)loading %s",NSSWITCH_FILE); /* FIXME: check if this is correct */
     cached_shadow_uses_ldap=nsswitch_db_uses_ldap(NSSWITCH_FILE,"shadow");
+  }
   return cached_shadow_uses_ldap;
 }
 
@@ -451,7 +454,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
   usernames=myldap_get_values(entry,attmap_passwd_uid);
   if ((usernames==NULL)||(usernames[0]==NULL))
   {
-    log_log(LOG_WARNING,"passwd entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_passwd_uid);
     return 0;
   }
@@ -478,7 +481,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
     tmpvalues=myldap_get_values_len(entry,attmap_passwd_uidNumber);
     if ((tmpvalues==NULL)||(tmpvalues[0]==NULL))
     {
-      log_log(LOG_WARNING,"passwd entry %s does not contain %s value",
+      log_log(LOG_WARNING,"%s: %s: missing",
                           myldap_get_dn(entry),attmap_passwd_uidNumber);
       return 0;
     }
@@ -492,13 +495,13 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
         uids[numuids]=strtouid(tmpvalues[numuids],&tmp,0);
         if ((*(tmpvalues[numuids])=='\0')||(*tmp!='\0'))
         {
-          log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
+          log_log(LOG_WARNING,"%s: %s: non-numeric",
                               myldap_get_dn(entry),attmap_passwd_uidNumber);
           return 0;
         }
         else if (errno!=0)
         {
-          log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+          log_log(LOG_WARNING,"%s: %s: too large",
                               myldap_get_dn(entry),attmap_passwd_uidNumber);
           return 0;
         }
@@ -511,7 +514,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
     tmpvalues=myldap_get_values_len(entry,attmap_passwd_gidNumber);
     if ((tmpvalues==NULL)||(tmpvalues[0]==NULL))
     {
-      log_log(LOG_WARNING,"passwd entry %s does not contain %s value",
+      log_log(LOG_WARNING,"%s: %s: missing",
                           myldap_get_dn(entry),attmap_passwd_gidNumber);
       return 0;
     }
@@ -522,7 +525,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
     attmap_get_value(entry,attmap_passwd_gidNumber,gidbuf,sizeof(gidbuf));
     if (gidbuf[0]=='\0')
     {
-      log_log(LOG_WARNING,"passwd entry %s does not contain %s value",
+      log_log(LOG_WARNING,"%s: %s: missing",
                           myldap_get_dn(entry),attmap_passwd_gidNumber);
       return 0;
     }
@@ -530,13 +533,13 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
     gid=strtogid(gidbuf,&tmp,0);
     if ((gidbuf[0]=='\0')||(*tmp!='\0'))
     {
-      log_log(LOG_WARNING,"passwd entry %s contains non-numeric %s value",
+      log_log(LOG_WARNING,"%s: %s: non-numeric",
                           myldap_get_dn(entry),attmap_passwd_gidNumber);
       return 0;
     }
     else if (errno!=0)
     {
-      log_log(LOG_WARNING,"passwd entry %s contains too large %s value",
+      log_log(LOG_WARNING,"%s: %s: too large",
                           myldap_get_dn(entry),attmap_passwd_gidNumber);
       return 0;
     }
@@ -546,7 +549,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
   /* get the home directory for this entry */
   attmap_get_value(entry,attmap_passwd_homeDirectory,homedir,sizeof(homedir));
   if (homedir[0]=='\0')
-    log_log(LOG_WARNING,"passwd entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_passwd_homeDirectory);
   /* get the shell for this entry */
   attmap_get_value(entry,attmap_passwd_loginShell,shell,sizeof(shell));
@@ -556,8 +559,8 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
     {
       if (!isvalidname(usernames[i]))
       {
-        log_log(LOG_WARNING,"passwd entry %s denied by validnames option: \"%s\"",
-                            myldap_get_dn(entry),usernames[i]);
+        log_log(LOG_WARNING,"%s: %s: denied by validnames option",
+                            myldap_get_dn(entry),attmap_passwd_uid);
       }
       else
       {
@@ -587,7 +590,7 @@ NSLCD_HANDLE_UID(
   READ_STRING(fp,name);
   log_setrequest("passwd=\"%s\"",name);
   if (!isvalidname(name)) {
-    log_log(LOG_WARNING,"\"%s\": name denied by validnames option",name);
+    log_log(LOG_WARNING,"request denied by validnames option");
     return -1;
   }
   check_nsswitch_reload();,
diff --git a/nslcd/protocol.c b/nslcd/protocol.c
index 520f69d..45d1f9e 100644
--- a/nslcd/protocol.c
+++ b/nslcd/protocol.c
@@ -115,7 +115,7 @@ static int write_protocol(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname)
   aliases=myldap_get_values(entry,attmap_protocol_cn);
   if ((aliases==NULL)||(aliases[0]==NULL))
   {
-    log_log(LOG_WARNING,"protocol entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_protocol_cn);
     return 0;
   }
@@ -134,26 +134,26 @@ static int write_protocol(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname)
   protos=myldap_get_values(entry,attmap_protocol_ipProtocolNumber);
   if ((protos==NULL)||(protos[0]==NULL))
   {
-    log_log(LOG_WARNING,"protocol entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
     return 0;
   }
   else if (protos[1]!=NULL)
   {
-    log_log(LOG_WARNING,"protocol entry %s contains multiple %s values",
+    log_log(LOG_WARNING,"%s: %s: multiple values",
                         myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
   }
   errno=0;
   proto=(int)strtol(protos[0],&tmp,0);
   if ((*(protos[0])=='\0')||(*tmp!='\0'))
   {
-    log_log(LOG_WARNING,"protocol entry %s contains non-numeric %s value",
+    log_log(LOG_WARNING,"%s: %s: non-numeric",
                         myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
     return 0;
   }
   else if (errno!=0)
   {
-    log_log(LOG_WARNING,"protocol entry %s contains too large %s value",
+    log_log(LOG_WARNING,"%s: %s: too large",
                         myldap_get_dn(entry),attmap_protocol_ipProtocolNumber);
     return 0;
   }
diff --git a/nslcd/rpc.c b/nslcd/rpc.c
index ae79a90..68d0f9b 100644
--- a/nslcd/rpc.c
+++ b/nslcd/rpc.c
@@ -116,7 +116,7 @@ static int write_rpc(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname)
   aliases=myldap_get_values(entry,attmap_rpc_cn);
   if ((aliases==NULL)||(aliases[0]==NULL))
   {
-    log_log(LOG_WARNING,"rpc entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_rpc_cn);
     return 0;
   }
@@ -135,26 +135,26 @@ static int write_rpc(TFILE *fp,MYLDAP_ENTRY *entry,const char *reqname)
   numbers=myldap_get_values(entry,attmap_rpc_oncRpcNumber);
   if ((numbers==NULL)||(numbers[0]==NULL))
   {
-    log_log(LOG_WARNING,"rpc entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
     return 0;
   }
   else if (numbers[1]!=NULL)
   {
-    log_log(LOG_WARNING,"rpc entry %s contains multiple %s values",
+    log_log(LOG_WARNING,"%s: %s: multiple values",
                         myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
   }
   errno=0;
   number=(int)strtol(numbers[0],&tmp,0);
   if ((*(numbers[0])=='\0')||(*tmp!='\0'))
   {
-    log_log(LOG_WARNING,"rpc entry %s contains non-numeric %s value",
+    log_log(LOG_WARNING,"%s: %s: non-numeric",
                         myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
     return 0;
   }
   else if (errno!=0)
   {
-    log_log(LOG_WARNING,"rpc entry %s contains too large %s value",
+    log_log(LOG_WARNING,"%s: %s: too large",
                         myldap_get_dn(entry),attmap_rpc_oncRpcNumber);
     return 0;
   }
diff --git a/nslcd/service.c b/nslcd/service.c
index 4a43022..f8a08bc 100644
--- a/nslcd/service.c
+++ b/nslcd/service.c
@@ -144,7 +144,7 @@ static int write_service(TFILE *fp,MYLDAP_ENTRY *entry,
   aliases=myldap_get_values(entry,attmap_service_cn);
   if ((aliases==NULL)||(aliases[0]==NULL))
   {
-    log_log(LOG_WARNING,"service entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_service_cn);
     return 0;
   }
@@ -163,26 +163,26 @@ static int write_service(TFILE *fp,MYLDAP_ENTRY *entry,
   ports=myldap_get_values(entry,attmap_service_ipServicePort);
   if ((ports==NULL)||(ports[0]==NULL))
   {
-    log_log(LOG_WARNING,"service entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_service_ipServicePort);
     return 0;
   }
   else if (ports[1]!=NULL)
   {
-    log_log(LOG_WARNING,"service entry %s contains multiple %s values",
+    log_log(LOG_WARNING,"%s: %s: multiple values",
                         myldap_get_dn(entry),attmap_service_ipServicePort);
   }
   errno=0;
   port=(int)strtol(ports[0],&tmp,0);
   if ((*(ports[0])=='\0')||(*tmp!='\0'))
   {
-    log_log(LOG_WARNING,"service entry %s contains non-numeric %s value",
+    log_log(LOG_WARNING,"%s: %s: non-numeric value",
                         myldap_get_dn(entry),attmap_service_ipServicePort);
     return 0;
   }
   else if (errno!=0)
   {
-    log_log(LOG_WARNING,"service entry %s contains too large %s value",
+    log_log(LOG_WARNING,"%s: %s: too large",
                         myldap_get_dn(entry),attmap_service_ipServicePort);
     return 0;
   }
@@ -190,7 +190,7 @@ static int write_service(TFILE *fp,MYLDAP_ENTRY *entry,
   protocols=myldap_get_values(entry,attmap_service_ipServiceProtocol);
   if ((protocols==NULL)||(protocols[0]==NULL))
   {
-    log_log(LOG_WARNING,"service entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_service_ipServiceProtocol);
     return 0;
   }
diff --git a/nslcd/shadow.c b/nslcd/shadow.c
index 61d9019..df7f18b 100644
--- a/nslcd/shadow.c
+++ b/nslcd/shadow.c
@@ -110,7 +110,7 @@ void shadow_init(void)
   set_free(set);
 }
 
-static long to_date(const char *date,const char *attr)
+static long to_date(const char *dn,const char *date,const char *attr)
 {
   char buffer[32];
   long value;
@@ -133,12 +133,12 @@ static long to_date(const char *date,const char *attr)
     value=strtol(date,&tmp,0);
     if ((*date=='\0')||(*tmp!='\0'))
     {
-      log_log(LOG_WARNING,"shadow entry contains non-numeric %s value",attr);
+      log_log(LOG_WARNING,"%s: %s: non-numeric",dn,attr);
       return -1;
     }
     else if (errno!=0)
     {
-      log_log(LOG_WARNING,"shadow entry contains too large %s value",attr);
+      log_log(LOG_WARNING,"%s: %s: too large",dn,attr);
       return -1;
     }
     return value/864-134774;
@@ -149,12 +149,12 @@ static long to_date(const char *date,const char *attr)
   value=strtol(date,&tmp,0);
   if ((*date=='\0')||(*tmp!='\0'))
   {
-    log_log(LOG_WARNING,"shadow entry contains non-numeric %s value",attr);
+    log_log(LOG_WARNING,"%s: %s: non-numeric",dn,attr);
     return -1;
   }
   else if (errno!=0)
   {
-    log_log(LOG_WARNING,"shadow entry contains too large %s value",attr);
+    log_log(LOG_WARNING,"%s: %s: too large",dn,attr);
     return -1;
   }
   return value;
@@ -172,13 +172,13 @@ static long to_date(const char *date,const char *attr)
   var=strtol(tmpvalue,&tmp,0); \
   if ((*(tmpvalue)=='\0')||(*tmp!='\0')) \
   { \
-    log_log(LOG_WARNING,"shadow entry %s contains non-numeric %s value", \
+    log_log(LOG_WARNING,"%s: %s: non-numeric", \
                         myldap_get_dn(entry),attmap_shadow_##att); \
     var=fallback; \
   } \
   else if (errno!=0) \
   { \
-    log_log(LOG_WARNING,"shadow entry %s contains too large %s value", \
+    log_log(LOG_WARNING,"%s: %s: too large", \
                         myldap_get_dn(entry),attmap_shadow_##att); \
     var=fallback; \
   }
@@ -194,7 +194,7 @@ void get_shadow_properties(MYLDAP_ENTRY *entry,long *lastchangedate,
   tmpvalue=attmap_get_value(entry,attmap_shadow_shadowLastChange,buffer,sizeof(buffer));
   if (tmpvalue==NULL)
     tmpvalue="";
-  *lastchangedate=to_date(tmpvalue,attmap_shadow_shadowLastChange);
+  *lastchangedate=to_date(myldap_get_dn(entry),tmpvalue,attmap_shadow_shadowLastChange);
   /* get other shadow properties */
   GET_OPTIONAL_LONG(*mindays,shadowMin,-1);
   GET_OPTIONAL_LONG(*maxdays,shadowMax,-1);
@@ -268,11 +268,11 @@ int update_lastchange(MYLDAP_SESSION *session,const char *userdn)
   mods[1]=NULL;
   rc=myldap_modify(session,userdn,mods);
   if (rc!=LDAP_SUCCESS)
-    log_log(LOG_WARNING,"modification of %s attribute of %s failed: %s",
-                        attr,userdn,ldap_err2string(rc));
+    log_log(LOG_WARNING,"%s: %s: modification failed: %s",
+                        userdn,attr,ldap_err2string(rc));
   else
-    log_log(LOG_DEBUG,"modification of %s attribute of %s succeeded",
-                     attr,userdn);
+    log_log(LOG_DEBUG,"%s: %s: modification succeeded",
+                      userdn,attr);
   return rc;
 }
 
@@ -294,7 +294,7 @@ static int write_shadow(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser)
   usernames=myldap_get_values(entry,attmap_shadow_uid);
   if ((usernames==NULL)||(usernames[0]==NULL))
   {
-    log_log(LOG_WARNING,"shadow entry %s does not contain %s value",
+    log_log(LOG_WARNING,"%s: %s: missing",
                         myldap_get_dn(entry),attmap_shadow_uid);
     return 0;
   }
-- 
cgit v1.2.3