Fix ACL SSF reporting

diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c
index 2e18ce48b2c3859ffa3fb6a1cdc4ebd92d751bbb..659a13441b6c32327d3503f07f10e95f05b5f59f 100644 (file)
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -637,8 +637,8 @@ acl_mask(
                }
 
                if ( b->a_authz.sai_ssf ) {
-                       Debug( LDAP_DEBUG_ACL, "<= check a_authz.sai_ssf: %ud\n",
-                               b->a_authz.sai_ssf, 0, 0 );
+                       Debug( LDAP_DEBUG_ACL, "<= check a_authz.sai_ssf: ACL %u > OP %u\n",
+                               b->a_authz.sai_ssf, op->o_ssf, 0 );
 
                        if ( b->a_authz.sai_ssf >  op->o_ssf ) {
                                continue;
@@ -647,8 +647,8 @@ acl_mask(
 
                if ( b->a_authz.sai_transport_ssf ) {
                        Debug( LDAP_DEBUG_ACL,
-                               "<= check a_authz.sai_transport_ssf: %ud\n",
-                               b->a_authz.sai_transport_ssf, 0, 0 );
+                               "<= check a_authz.sai_transport_ssf: ACL %u > OP %u\n",
+                               b->a_authz.sai_transport_ssf, op->o_transport_ssf, 0 );
 
                        if ( b->a_authz.sai_transport_ssf >  op->o_transport_ssf ) {
                                continue;
@@ -657,8 +657,8 @@ acl_mask(
 
                if ( b->a_authz.sai_tls_ssf ) {
                        Debug( LDAP_DEBUG_ACL,
-                               "<= check a_authz.sai_tls_ssf: %ud\n",
-                               b->a_authz.sai_tls_ssf, 0, 0 );
+                               "<= check a_authz.sai_tls_ssf: ACL %u > OP %s\n",
+                               b->a_authz.sai_tls_ssf, op->o_tls_ssf, 0 );
 
                        if ( b->a_authz.sai_tls_ssf >  op->o_tls_ssf ) {
                                continue;
@@ -667,8 +667,8 @@ acl_mask(
 
                if ( b->a_authz.sai_sasl_ssf ) {
                        Debug( LDAP_DEBUG_ACL,
-                               "<= check a_authz.sai_sasl_ssf: %ud\n",
-                               b->a_authz.sai_sasl_ssf, 0, 0 );
+                               "<= check a_authz.sai_sasl_ssf: ACL %u > OP %s\n",
+                               b->a_authz.sai_sasl_ssf, op->o_sasl_ssf, 0 );
 
                        if ( b->a_authz.sai_sasl_ssf >  op->o_sasl_ssf ) {
                                continue;

diff --git a/servers/slapd/aclparse.c b/servers/slapd/aclparse.c
index 54661b75dad86b360540a5545ae934768985ed8d..d3b88bc6ec6b3b0be789085e7ddb4b0dddb014c7 100644 (file)
--- a/servers/slapd/aclparse.c
+++ b/servers/slapd/aclparse.c
@@ -1236,19 +1236,19 @@ print_access( Access *b )
 
        /* Security Strength Factors */
        if ( b->a_authz.sai_ssf ) {
-               fprintf( stderr, " ssf=%ud",
+               fprintf( stderr, " ssf=%u",
                        b->a_authz.sai_ssf );
        }
        if ( b->a_authz.sai_transport_ssf ) {
-               fprintf( stderr, " transport_ssf=%ud",
+               fprintf( stderr, " transport_ssf=%u",
                        b->a_authz.sai_transport_ssf );
        }
        if ( b->a_authz.sai_tls_ssf ) {
-               fprintf( stderr, " tls_ssf=%ud",
+               fprintf( stderr, " tls_ssf=%u",
                        b->a_authz.sai_tls_ssf );
        }
        if ( b->a_authz.sai_sasl_ssf ) {
-               fprintf( stderr, " sasl_ssf=%ud",
+               fprintf( stderr, " sasl_ssf=%u",
                        b->a_authz.sai_sasl_ssf );
        }