httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <>
Subject Re: util_ldap.c use of hardcoded sizelimit on ldap_search_ext_s causing error
Date Tue, 20 Feb 2007 16:17:56 GMT
>>> On 2/19/2007 at 9:29 AM, in message
<>, "Jeff Trawick"
<> wrote:
> On 2/15/07, David Jones <> wrote:
>> Currently util_ldap.c has a hard coded -1 as the search limit value (meaning
>> infinite/no limit) on ldap_search_ext_s() calls.  Some platforms cannot
>> handle the -1, but need a 0.  Linux, zoS (and others) have a LDAP_NO_LIMIT
>> value in ldap.h.
>>  Below is a patch, allows those who have LDAP_NO_LIMIT value to take
>> advantage of it, and others to continue using a -1 value.
> patch committed to trunk and proposed for backport 2.2.x
> my guess is that -1 is rarely/never the proper value, but that isn't
> so easy to confirm; hopefully the symbol is always available in modern
> SDK level

The values of 0 and -1 have a different meaning at least in the Novell LDAP SDK.  A value
of 0 or LDAP_NO_LIMIT specifies that the search truely has no limit to the number of entries
that will be returned.  A value of -1 or LDAP_DEFAULT_SIZELIMIT specifies that the search
should default to the session value or the value that was set in the session by LDAP_OPT_SIZELIMIT.
 Changing the sizelimit parameter from -1 to LDAP_NO_LIMIT in the calls to ldap_search_ext_s()
removes the ability to control the size limit through the session options.  In fact the patch
that was submitted will cause the ldap_search_ext_s() function to act differently depending
on whether the LDAP SDK has defined LDAP_NO_LIMIT or not.  

I can't confirm this because I haven't been able to find it documented for all SDKs but I
would assume that the initial reason for specifying -1 rather than LDAP_NO_LIMIT or LDAP_DEFAULT_SIZELIMIT
is because the intention was to make the call to ldap_search_ext_s() defer to the size limit
specified in the session.  But not all SDKs define LDAP_DEFAULT_SIZELIMIT, therefore -1 was
hardcoded.  Can those that know the OpenLDAP or Microsoft LDAP SDKs confirm that those SDKs

In the meantime, the patch should probably be revised to make sure that all platforms work
the same rather than some supporting LDAP_NO_LIMIT and other supporting LDAP_DEFAULT_SIZELIMIT.
 The preference should be LDAP_DEFAULT_SIZELIMIT (-1).


View raw message