[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SIZELIMIT 0 gives a zero limit

To: Fabio Pedretti <fabio.pedretti@ing.unibs.it>
Subject: Re: SIZELIMIT 0 gives a zero limit
From: Pierangelo Masarati <ando@sys-net.it>
Date: Wed, 08 Oct 2008 20:09:37 +0200
Cc: Gavin Henry <ghenry@suretecsystems.com>, openldap-bugs@openldap.org
In-reply-to: <20081008093805.uk3bd0bt0psgowsw@webmail.ing.unibs.it>
References: <3156560.701223407053508.JavaMail.root@mail> <20081008093805.uk3bd0bt0psgowsw@webmail.ing.unibs.it>
User-agent: Thunderbird 2.0.0.16 (X11/20080724)

Fabio Pedretti wrote:

Citando Gavin Henry <ghenry@suretecsystems.com>:
----- "Fabio Pedretti" <fabio.pedretti@ing.unibs.it> wrote:
The ldap.conf man page says this:
SIZELIMIT <integer>
Specifies a size limit to use when performing searches.  The number
should  be  a
non-negative  integer. SIZELIMIT of zero (0) specifies unlimited
search size.
However it appears that putting "SIZELIMIT 0" in my ldap.conf gives
a:
# search result
search: 2
result: 4 Size limit exceeded
To workaround this I put a very large value and it works. I am using
openldap 2.4.11 compiled from source on a Slackware 10.0. Is it an
openldap bug?
Do you have any limits on your slapd config?
OK, I found the problem.
In my slapd.conf I had sizelimit 0 which appears to be wrong. In this case SIZELIMT 0 in ldap.conf gives zero records, SIZELIMIT 1 gives 1 records, etc...
Changing slapd.conf to:
sizelimit unlimited
works correctly.
This behaviour is somewhat strange, however: 1) "sizelimit" in slapd.conf and "SIZELIMIT" options in ldap.conf are not coherent (the first want "unlimited", the latter "0" to specify no limits);

Correct. They do not need to be coherent: SIZELIMIT 0 refers to an unlimited sizelimit as per RFC 4511. sizelimit 0 is private to slapd, a specific DSA implementation's configuration, whose semantics requires to be able to specify both an unlimited size limit and a 0 size limit (e.g. to prevent specific users from receiving any entry).

2) when "sizelimit 0" is defined in slapd.conf the behaviour appears to be undefined (it works fine only if you use a different than "0" value for SIZELIMIT in ldap.conf); it should print an error or at least a warning when set to "0", since this not means "no limits" (or even better "0" could be changed to means "unlimited" also here and also reflected in man page of slapd.conf).

What seems to be an inconsistency, is actually intended (and documented, AFAIK). In fact, "sizelimit 0" sets the soft limit, while the hard limit remains the default (500). Probably, "sizelimit X" should set both.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

References:
- Re: SIZELIMIT 0 gives a zero limit
  - From: Gavin Henry <ghenry@suretecsystems.com>
- Re: SIZELIMIT 0 gives a zero limit
  - From: Fabio Pedretti <fabio.pedretti@ing.unibs.it>

Prev by Date: (ITS#5730) Seg fault with referral entry and search filter (name=some name)
Next by Date: Re: (ITS#5369) GSSAPI support for client library
Index(es):
- Chronological
- Thread