[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6186) sizelimit broken

To: openldap-its@OpenLDAP.org
Subject: (ITS#6186) sizelimit broken
From: christian.fischer@fischundfischer.com
Date: Tue, 23 Jun 2009 14:58:53 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Christian Fischer
Version: 2.4.16
OS: gentoo amd64
URL: 
Submission from: (NULL) (213.221.82.34)


slapd ignores sizelimit values above 500 and -1 (unlimited)

If sizelimit is set to a value >=0 and <=500 the behavior is as expected,
unlimited 
(-1) and values >500 are ignored.

I've turned on args debugging to see if something is different between 2.4.16
and 2.3.43, which works for me. 

Version 2.3.43 op->ors_slimit is set to 0 if do_search() is executed, 
version 2.4.16 op->ors_slimit is set to 500 (SLAPD_DEFAULT_SIZELIMIT).

That explains the different behavior of limits_check().

With ors_slimit set to SLAPD_DEFAULT_SIZELIMIT it runs into 
servers/slapd/limits.c:1294 and ors_slimit will only set to 
ors_limit->lms_s_soft if the value of ors_limit->lms_s_soft is between 1 and 
SLAPD_DEFAULT_SIZELIMIT -1.

This patch has solved my problem for now, sizelimit statement is working without
restrictions.

--- openldap-2.4.16/servers/slapd_orig/limits.c 2009-01-22 01:01:01.000000000
+0100
+++ openldap-2.4.16/servers/slapd/limits.c      2009-06-15 09:27:36.212817654
+0200
@@ -1077,6 +1077,9 @@
                return 0;
        }

+       /* fix sizelimit */
+       op->ors_slimit = 0;
+
        /* allow root to set no limit */
        if ( be_isroot( op ) ) {
                op->ors_limit = NULL;


### config snippet ###

include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/rfc2307bis.schema
include         /etc/openldap/schema/samba.schema
include         /etc/openldap/schema/misc.schema
include         /etc/openldap/schema/openssh-lpk.schema
include         /etc/openldap/schema/radius.schema
include         /etc/openldap/schema/egr.schema
include         /etc/openldap/schema/mozillaabpersonalpha.schema
include         /etc/openldap/schema/dhcp.schema

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

TLSCertificateFile /etc/openldap/ssl/ldap.pem
TLSCertificateKeyFile /etc/openldap/ssl/ldap.pem
TLSCACertificateFile /etc/openldap/ssl/ca.crt
TLSVerifyClient never

loglevel  none
serverID 2
security ssf=256
disallow bind_anon
require authc

database bdb
suffix "dc=foo,dc=bar"
rootdn "cn=Manager,dc=foo,dc=bar"
rootpw secret
directory /var/lib/openldap-data
checkpoint 32 30
sizelimit unlimited

index objectclass,entryCSN,entryUUID eq

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100
syncprov-reloadhint TRUE

syncrepl rid=123
        provider=ldap://isc01.foo.bar
        starttls=yes
        tls_reqcert=never
        type=refreshAndPersist
        retry="5 5 60 +"
        searchbase="dc=foo,dc=bar"
        scope=sub
        schemachecking=on
        bindmethod=simple
        binddn="cn=syncrepl,ou=dsa,dc=foo,dc=bar"
        credentials=secret

mirrormode on


### ACL ###
#
[snip]

Prev by Date: Re: (ITS#6185) test033-glue-syncrepl failed
Next by Date: Re: (ITS#5701) connection.c asserting during test008
Index(es):
- Chronological
- Thread