[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 'invalid time limits'

> openldap 2.2.15 added a check for "invalid time limit" and "invalid size
> limit" in servers/slapd/search.c.  What is the purpose of this limit?
> The check has broken one of our production applications.

The protocol allows, as time/size limit, a "maxInt", which,
according to RFC2251, is defined as

    maxInt INTEGER ::= 2147483647 -- (2^^31 - 1) --

This test was absent in earlier versions, and was required for a
clean implementation of internal limits because "illegal" values
(i.e. < 0) are now used to identify an internal search, but the
check should be totally transparent to clients, since the values
that are not allowed by the protocol, should not be encoded by
the client library first.  If they are, the library has a bug
(what implementation of libldap is your client using?), which
you should be able to circumvent by explicitly setting a valid


Pierangelo Masarati

    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497