[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldap] Re: LDAP SDK API question.
- To: JR Heisey <jr.heisey@mediagate.com>
- Subject: Re: [ldap] Re: LDAP SDK API question.
- From: ggood@netscape.com (Gordon Good)
- Date: Fri, 26 Mar 1999 16:34:24 -0800
- Cc: Ian Bruce <ianbruce@lucent.com>, ldap@umich.edu, openldap-devel@OpenLDAP.org
- References: <LYR4632-2365-1998.11.17-07.52.41--kristian#netscape.com@listserver.itd.umich.edu> <LYR8267-2841-1998.11.24-21.53.37--ian#dismay.ih.lucent.com@listserver.itd.umich.edu> <LYR17895-9870-1999.03.26-17.16.46--jr.heisey#mediagate.com@listserver.itd.umich.edu> <LYR7978-9873-1999.03.26-18.01.01--ggood#netscape.com@listserver.itd.umich.edu>
This isn't quite correct. There are two separate things here; (1) client SDK timeouts and (2) server time and size
limits, I think you're confusing the two.
Client SDK timeouts:
==============
When you call ldap_search_st(), which has the following signature:
int ldap_search_st( LDAP *ld, const char *base, int scope,
const char* filter, char **attrs, int attrsonly,
struct timeval *timeout, LDAPMessage **res );
...the "timeout" parameter tells the SDK how long it should wait for the results of the search operation to come
back from the server. This parameter is *not* passed to the server. It's meant to allow you to deal with the case
where a server accepts a request and just never answers.
If you look at the source, you'll see that ldap_search_st() is just a call to ldap_search() and then a call to
ldap_result(), passing the "timeout" parameter to ldap_result(). If the timeout expires, ldap_result() will return
and the SDK will abandon the operation.
Server-side size and time limits
=====================
You can also indicate to the server that you want it to terminate processing of a search operation if too much
time passes or too many entries are retrieved. If the size or time limit is exceeded, the server will send the
result code LDAP_TIMELIMIT_EXCEEDED or LDAP_SIZELIMIT_EXCEEDED as appropriate.
You set server-side time and size limits by using the ldap_set_option() call and seting the LDAP_OPT_TIMELIMIT and
LDAP_OPT_SIZELIMIT options.
Note that servers may have default size and time limits that cannot be overridden by unprivileged clients. For
example, the umich-derived servers (including Netscape's) allow unprivileged clients to request a smaller size or
time limit than the default, but such clients cannot set a larger size or time limit.
Hope this clears things up. This information should apply to ldap-3.3, OpenLDAP, and Netscape LDAP C SDKs.
-Gordon
JR Heisey wrote:
> The Mozilla code is implemented is implemented both ways. The timeout
> value is sent to the server thus the server could timeout. The ldap_search_st()
> calls the ldap_result() function and passes the timeout. ldap_result() will
> also return when the timeout duration has elapsed.
>
> The OpenLDAP seems to rely on the ldap_result() function to perform
> the timeout. However the as the search is sent to the server the member timelimit
> var of the LDAP structure is sent. I consider this an incorrect implementation
> because the timelimit var of the LDAP structure can never be overridden
> with the timeout value passed to ldap_search_st().
>
> Thought I'd cross post the to the OpenLDAP group.
>
> JR
>
> Ian Bruce wrote:
>
> > Does the ldap_search_st() function depend in any way on the server or is it just
> > a client side timeout mechanism?
> > --
> >
> > Ian Bruce
> > (630) 713-7387
> > ianbruce@lucent.com
> >
> > ---
> > You are currently subscribed to ldap@umich.edu as: jr.heisey@mediagate.com
> > To unsubscribe send email to ldap-request@umich.edu with the word UNSUBSCRIBE as the SUBJECT of the message.
>
> --
> -
> J. R. Heisey
>
> ---
> You are currently subscribed to ldap@umich.edu as: [ggood@netscape.com]
> To unsubscribe send email to ldap-request@umich.edu with the word UNSUBSCRIBE as the SUBJECT of the message.