[Date Prev][Date Next]
Re: [ldap] Re: LDAP SDK API question.
- To: JR Heisey <email@example.com>
- Subject: Re: [ldap] Re: LDAP SDK API question.
- From: firstname.lastname@example.org (Gordon Good)
- Date: Fri, 26 Mar 1999 16:34:24 -0800
- Cc: Ian Bruce <email@example.com>, firstname.lastname@example.org, openldap-devel@OpenLDAP.org
- References: <LYR4632email@example.com> <LYR8267firstname.lastname@example.org> <LYR17895email@example.com> <LYR7978firstname.lastname@example.org>
This isn't quite correct. There are two separate things here; (1) client SDK timeouts and (2) server time and size
limits, I think you're confusing the two.
Client SDK timeouts:
When you call ldap_search_st(), which has the following signature:
int ldap_search_st( LDAP *ld, const char *base, int scope,
const char* filter, char **attrs, int attrsonly,
struct timeval *timeout, LDAPMessage **res );
...the "timeout" parameter tells the SDK how long it should wait for the results of the search operation to come
back from the server. This parameter is *not* passed to the server. It's meant to allow you to deal with the case
where a server accepts a request and just never answers.
If you look at the source, you'll see that ldap_search_st() is just a call to ldap_search() and then a call to
ldap_result(), passing the "timeout" parameter to ldap_result(). If the timeout expires, ldap_result() will return
and the SDK will abandon the operation.
Server-side size and time limits
You can also indicate to the server that you want it to terminate processing of a search operation if too much
time passes or too many entries are retrieved. If the size or time limit is exceeded, the server will send the
result code LDAP_TIMELIMIT_EXCEEDED or LDAP_SIZELIMIT_EXCEEDED as appropriate.
You set server-side time and size limits by using the ldap_set_option() call and seting the LDAP_OPT_TIMELIMIT and
Note that servers may have default size and time limits that cannot be overridden by unprivileged clients. For
example, the umich-derived servers (including Netscape's) allow unprivileged clients to request a smaller size or
time limit than the default, but such clients cannot set a larger size or time limit.
Hope this clears things up. This information should apply to ldap-3.3, OpenLDAP, and Netscape LDAP C SDKs.
JR Heisey wrote:
> The Mozilla code is implemented is implemented both ways. The timeout
> value is sent to the server thus the server could timeout. The ldap_search_st()
> calls the ldap_result() function and passes the timeout. ldap_result() will
> also return when the timeout duration has elapsed.
> The OpenLDAP seems to rely on the ldap_result() function to perform
> the timeout. However the as the search is sent to the server the member timelimit
> var of the LDAP structure is sent. I consider this an incorrect implementation
> because the timelimit var of the LDAP structure can never be overridden
> with the timeout value passed to ldap_search_st().
> Thought I'd cross post the to the OpenLDAP group.
> Ian Bruce wrote:
> > Does the ldap_search_st() function depend in any way on the server or is it just
> > a client side timeout mechanism?
> > --
> > Ian Bruce
> > (630) 713-7387
> > email@example.com
> > ---
> > You are currently subscribed to firstname.lastname@example.org as: email@example.com
> > To unsubscribe send email to firstname.lastname@example.org with the word UNSUBSCRIBE as the SUBJECT of the message.
> J. R. Heisey
> You are currently subscribed to email@example.com as: [firstname.lastname@example.org]
> To unsubscribe send email to email@example.com with the word UNSUBSCRIBE as the SUBJECT of the message.