Fix broken build against older versions of OpenLDAP

OpenLDAP < 2.4 used LDAP_OPT_ERROR_STRING. It was changed to
LDAP_OPT_DIAGNOSTIC_MESSAGE in 2.4. This patch will allow the TLS
error messages to be displayed on either version.

2 files changed, 12 insertions, 2 deletions

diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h
index 0fc95df84..09312282b 100644
--- a/src/providers/ldap/sdap.h
+++ b/src/providers/ldap/sdap.h
@@ -26,6 +26,16 @@
 #include <ldap.h>
 #include "util/sss_ldap.h"
 
+#ifdef LDAP_OPT_DIAGNOSTIC_MESSAGE
+#define SDAP_DIAGNOSTIC_MESSAGE LDAP_OPT_DIAGNOSTIC_MESSAGE
+#else
+#ifdef LDAP_OPT_ERROR_STRING
+#define SDAP_DIAGNOSTIC_MESSAGE LDAP_OPT_ERROR_STRING
+#else
+#error No extended diagnostic message available
+#endif
+#endif
+
 struct sdap_msg {
     struct sdap_msg *next;
     LDAPMessage *msg;
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
index 98249ea69..14a1a4b7d 100644
--- a/src/providers/ldap/sdap_async_connection.c
+++ b/src/providers/ldap/sdap_async_connection.c
@@ -147,7 +147,7 @@ struct tevent_req *sdap_connect_send(TALLOC_CTX *memctx,
     lret = ldap_start_tls(state->sh->ldap, NULL, NULL, &msgid);
     if (lret != LDAP_SUCCESS) {
         optret = ldap_get_option(state->sh->ldap,
-                                 LDAP_OPT_DIAGNOSTIC_MESSAGE,
+                                 SDAP_DIAGNOSTIC_MESSAGE,
                                  (void*)&errmsg);
         if (optret == LDAP_SUCCESS) {
             DEBUG(3, ("ldap_start_tls failed: [%s] [%s]\n",
@@ -230,7 +230,7 @@ static void sdap_connect_done(struct sdap_op *op,
     if (ret != LDAP_SUCCESS) {
 
         optret = ldap_get_option(state->sh->ldap,
-                                 LDAP_OPT_DIAGNOSTIC_MESSAGE,
+                                 SDAP_DIAGNOSTIC_MESSAGE,
                                  (void*)&tlserr);
         if (optret == LDAP_SUCCESS) {
             DEBUG(3, ("ldap_install_tls failed: [%s] [%s]\n",