print diagnostic messages when sasl_interactive_bind or start_tls_s failed

diff --git a/clients/tools/common.c b/clients/tools/common.c
index 4d7b038c6935e1f748fb6884a5ee87235cc08691..3ba0e375e7fd144fe1941bb4155a5acf22f2216f 100644 (file)
--- a/clients/tools/common.c
+++ b/clients/tools/common.c
@@ -1287,7 +1287,10 @@ dnssrv_free:;
                if ( use_tls ) {
                        rc = ldap_start_tls_s( ld, NULL, NULL );
                        if ( rc != LDAP_SUCCESS ) {
-                               tool_perror( "ldap_start_tls", rc, NULL, NULL, NULL, NULL );
+                               char *msg=NULL;
+                               ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&msg);
+                               tool_perror( "ldap_start_tls", rc, NULL, NULL, msg, NULL );
+                               ldap_memfree(msg);
                                if ( use_tls > 1 ) {
                                        exit( EXIT_FAILURE );
                                }
@@ -1384,8 +1387,11 @@ tool_bind( LDAP *ld )
 
                lutil_sasl_freedefs( defaults );
                if( rc != LDAP_SUCCESS ) {
+                       char *msg=NULL;
+                       ldap_get_option( ld, LDAP_OPT_DIAGNOSTIC_MESSAGE, (void*)&msg);
                        tool_perror( "ldap_sasl_interactive_bind_s",
-                               rc, NULL, NULL, NULL, NULL );
+                               rc, NULL, NULL, msg, NULL );
+                       ldap_memfree(msg);
                        exit( rc );
                }
 #else