httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <BNICHO...@novell.com>
Subject Re: util_ldap.c use of hardcoded sizelimit on ldap_search_ext_s causing error
Date Tue, 20 Feb 2007 16:17:56 GMT
>>> On 2/19/2007 at 9:29 AM, in message
<cc67648e0702190829qc3a167evfb7e611fac2acfd4@mail.gmail.com>, "Jeff Trawick"
<trawick@gmail.com> wrote:
> On 2/15/07, David Jones <oscaremma@gmail.com> wrote:
>> Currently util_ldap.c has a hard coded -1 as the search limit value (meaning
>> infinite/no limit) on ldap_search_ext_s() calls.  Some platforms cannot
>> handle the -1, but need a 0.  Linux, zoS (and others) have a LDAP_NO_LIMIT
>> value in ldap.h.
>>  Below is a patch, allows those who have LDAP_NO_LIMIT value to take
>> advantage of it, and others to continue using a -1 value.
> 
> patch committed to trunk and proposed for backport 2.2.x
> my guess is that -1 is rarely/never the proper value, but that isn't
> so easy to confirm; hopefully the symbol is always available in modern
> SDK level

The values of 0 and -1 have a different meaning at least in the Novell LDAP SDK.  A value
of 0 or LDAP_NO_LIMIT specifies that the search truely has no limit to the number of entries
that will be returned.  A value of -1 or LDAP_DEFAULT_SIZELIMIT specifies that the search
should default to the session value or the value that was set in the session by LDAP_OPT_SIZELIMIT.
 Changing the sizelimit parameter from -1 to LDAP_NO_LIMIT in the calls to ldap_search_ext_s()
removes the ability to control the size limit through the session options.  In fact the patch
that was submitted will cause the ldap_search_ext_s() function to act differently depending
on whether the LDAP SDK has defined LDAP_NO_LIMIT or not.  

I can't confirm this because I haven't been able to find it documented for all SDKs but I
would assume that the initial reason for specifying -1 rather than LDAP_NO_LIMIT or LDAP_DEFAULT_SIZELIMIT
is because the intention was to make the call to ldap_search_ext_s() defer to the size limit
specified in the session.  But not all SDKs define LDAP_DEFAULT_SIZELIMIT, therefore -1 was
hardcoded.  Can those that know the OpenLDAP or Microsoft LDAP SDKs confirm that those SDKs
support a -1 or LDAP_DEFAULT_SIZELIMIT?

In the meantime, the patch should probably be revised to make sure that all platforms work
the same rather than some supporting LDAP_NO_LIMIT and other supporting LDAP_DEFAULT_SIZELIMIT.
 The preference should be LDAP_DEFAULT_SIZELIMIT (-1).

Brad

Mime
View raw message