httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <bnicho...@novell.com>
Subject Re: util_ldap.c use of hardcoded sizelimit on ldap_search_ext_s causing error
Date Thu, 08 Mar 2007 17:10:37 GMT
Please submit a complete patch against trunk for the apr-util code that includes the ZOS define.
 This should include the makefile magic that defines APR_HAS_ZOS_LDAPSDK as well.  Also include
a patch for util_ldap.c that will define APR_LDAP_SIZELIMIT if the version of apr-util does
not include the #define.

Brad

>>> On Wed, Mar 7, 2007 at  8:36 AM, in message
<3ce0569d0703070736h2a221c2ese79fdadab5ef400c@mail.gmail.com>, "David Jones"
<oscaremma@gmail.com> wrote: 
> Patch to commit if no further comments.
> Note that it does not have the ZOS define yet, and does not synch apr- util
> with httpd.
>   to avoid synch problems i could add to util_ldap:
> #ifndef APR_LDAP_SIZELIMIT
> #define APR_LDAP_SIZELIMIT - 1
> #endif
> 
> 
> 
> Index: modules/ldap/util_ldap.c
> ==============================
>>
>> =====================================
>> ---  modules/ldap/util_ldap.c    (revision 510991)
>> +++ modules/ldap/util_ldap.c    (working copy)
>> @@ - 52,9 +52,6 @@
>>  #define LDAP_CA_TYPE_BASE64             2
>>  #define LDAP_CA_TYPE_CERT7_DB           3
>>
>> - #ifndef LDAP_NO_LIMIT
>> - #define LDAP_NO_LIMIT - 1
>> - #endif
>>
>>  module AP_MODULE_DECLARE_DATA ldap_module;
>>
>> @@ - 660,7 +657,7 @@
>>      /* search for reqdn */
>>      if ((result = ldap_search_ext_s(ldc- >ldap, (char *)reqdn,
>> LDAP_SCOPE_BASE,
>>                                      "(objectclass=*)", NULL, 1,
>> -                                     NULL, NULL, NULL, LDAP_NO_LIMIT,
>> &res))
>> +                                    NULL, NULL, NULL, APR_LDAP_SIZELIMIT,
>> &res))
>>              == LDAP_SERVER_DOWN)
>>      {
>>          ldc- >reason = "DN Comparison ldap_search_ext_s() "
>> @@ - 938,7 +935,7 @@
>>      if ((result = ldap_search_ext_s(ldc- >ldap,
>>                                      (char *)basedn, scope,
>>                                      (char *)filter, attrs, 0,
>> -                                     NULL, NULL, NULL, LDAP_NO_LIMIT,
>> &res))
>> +                                    NULL, NULL, NULL, APR_LDAP_SIZELIMIT,
>> &res))
>>              == LDAP_SERVER_DOWN)
>>      {
>>          ldc- >reason = "ldap_search_ext_s() for user failed with server
>> down";
>> @@ - 1178,7 +1175,7 @@
>>      if ((result = ldap_search_ext_s(ldc- >ldap,
>>                                      (char *)basedn, scope,
>>                                      (char *)filter, attrs, 0,
>> -                                     NULL, NULL, NULL, LDAP_NO_LIMIT,
>> &res))
>> +                                    NULL, NULL, NULL, APR_LDAP_SIZELIMIT,
>> &res))
>>              == LDAP_SERVER_DOWN)
>>      {
>>          ldc- >reason = "ldap_search_ext_s() for user failed with server
>> down";
>> Index: apr- util/include/apr_ldap.h.in
>> ===================================================================
>> ---  apr- util/include/apr_ldap.h.in    (revision 515593)
>> +++ apr- util/include/apr_ldap.h.in    (working copy)
>> @@ - 93,6 +93,15 @@
>>  #define LDAPS_PORT 636  /* ldaps:/// default LDAP over TLS port */
>>  #endif
>>
>> +/*
>> + * For ldap function calls that input a size limit on the number of
>> returned entries.
>> + * Some SDKs do not have the define for LDAP_DEFAULT_LIMIT (- 1) or
>> LDAP_NO_LIMIT (0)
>> + */
>> +#ifdef LDAP_DEFAULT_LIMIT
>> +#define APR_LDAP_SIZELIMIT LDAP_DEFAULT_LIMIT
>> +#else
>> +#define APR_LDAP_SIZELIMIT - 1 /* equivalent to LDAP_DEFAULT_LIMIT */
>> +#endif
>>
>>  /* Note: Macros defining const casting has been removed in APR v1.0,
>>   * pending real support for LDAP v2.0 toolkits.
> 
> 
> 
> On 3/2/07, Brad Nicholes <BNICHOLES@novell.com> wrote:
>>
>> Looks good, I think I like your first suggestion better, putting the
>> #ifdef in apr_ldap.h.in.  This seems a little more straight forward rather
>> than hiding the value in configure.
>>
>> Brad
>>
>> >>> On 3/1/2007 at 7:07 PM, in message
>> <3ce0569d0703011807g15dcba1eq20bb20c57df6774b@mail.gmail.com>, "David
>> Jones"
>> <oscaremma@gmail.com> wrote:
>> > How about:
>> > changes to apr_ldap.h.in:
>> > #define APR_HAS_ZOS_LDAPSDK       @apu_has_ldap_zos@
>> >
>> > #if APR_LDAP_HAS_ZOS_LDAPSDK
>> > #define APR_LDAP_SIZELIMIT  LDAP_NO_LIMIT
>> > #else
>> > #ifdef LDAP_DEFAULT_LIMIT
>> > #define APR_LDAP_SIZELIMIT LDAP_DEFAULT_LIMIT
>> > #else
>> > #define APR_LDAP_SIZELIMIT - 1 /* equivalent to LDAP_DEFAULT_LIMIT */
>> > #endif
>> > #endif
>> >
>> >
>> > This part of  the util_ldap.c patch at the bottom could allow
>> util_ldap.c to
>> > compile regardless of apr- util level, but would not typically commit it?
>> > +#ifndef APR_LDAP_SIZELIMIT
>> > +#define APR_LDAP_SIZELIMIT - 1
>> >  #endif
>> >
>> >
>> >
>> > Or could add info to apu- conf.m4 for each SDK, eliminating the need for
>> the
>> > ZOS specific #if (would just need #define APR_LDAP_SIZELIMIT
>> > @apu_ldap_sizelimit)
>> > (If get any input from other SDKs then could replace its  - 1 with
>> > LDAP_DEFAULT_LIMIT or LDAP_NO_LIMIT as i did for z/OS)
>> >
>> > Index: apu- conf.m4
>> > ===================================================================
>> > RCS file: /m0xa/cvs/phoenix/2.2.4/srclib/apr- util/build/apu- conf.m4,v
>> > retrieving revision 1.2
>> > diff - u - d - b - r1.2 apu- conf.m4
>> > ---  apu- conf.m4 12 Feb 2007 18:19:20 - 0000      1.2
>> > +++ apu- conf.m4 1 Mar 2007 20:07:26 - 0000
>> >
>> > @@ - 267,10 +273,13 @@
>> >  apu_has_ldap_sslinit="0"
>> >  apu_has_ldapssl_install_routines="0"
>> >  apu_has_ldap_openldap="0"
>> >  +apu_has_ldap_sizelimit="0"
>> > @@ - 354,42 +363,57 @@
>> >            AC_EGREP_CPP([OpenLDAP], [$lber_h
>> >                         $ldap_h
>> >                         LDAP_VENDOR_NAME], [apu_has_ldap_openldap="1"
>> > +                                           apu_ldap_sizelimit="- 1"
>> >
>> apr_cv_ldap_toolkit="OpenLDAP"])
>> >          fi
>> >          if test "x$apr_cv_ldap_toolkit" = "x"; then
>> >            AC_EGREP_CPP([Sun Microsystems Inc.], [$lber_h
>> >                         $ldap_h
>> >                         LDAP_VENDOR_NAME], [apu_has_ldap_solaris="1"
>> > +                                           apu_ldap_sizelimit="- 1"
>> >
>> apr_cv_ldap_toolkit="Solaris"])
>> >          fi
>> >          if test "x$apr_cv_ldap_toolkit" = "x"; then
>> >            AC_EGREP_CPP([Novell], [$lber_h
>> >                         $ldap_h
>> >                         LDAP_VENDOR_NAME], [apu_has_ldap_novell="1"
>> > +                                           apu_ldap_sizelimit="- 1"
>> >
>> apr_cv_ldap_toolkit="Novell"])
>> >          fi
>> >          if test "x$apr_cv_ldap_toolkit" = "x"; then
>> >            AC_EGREP_CPP([Microsoft Corporation.], [$lber_h
>> >                         $ldap_h
>> >                         LDAP_VENDOR_NAME], [apu_has_ldap_microsoft="1"
>> > +                                           apu_ldap_sizelimit="- 1"
>> >
>> > apr_cv_ldap_toolkit="Microsoft"])
>> >          fi
>> >          if test "x$apr_cv_ldap_toolkit" = "x"; then
>> >            AC_EGREP_CPP([Netscape Communications Corp.], [$lber_h
>> >                         $ldap_h
>> >                         LDAP_VENDOR_NAME], [apu_has_ldap_netscape="1"
>> > +                                           apu_ldap_sizelimit="- 1"
>> >
>> apr_cv_ldap_toolkit="Netscape"])
>> >          fi
>> >          if test "x$apr_cv_ldap_toolkit" = "x"; then
>> >            AC_EGREP_CPP([mozilla.org], [$lber_h
>> >                         $ldap_h
>> >                         LDAP_VENDOR_NAME], [apu_has_ldap_mozilla="1"
>> > +                                           apu_ldap_sizelimit="- 1"
>> >
>> apr_cv_ldap_toolkit="Mozilla"])
>> >          fi
>> >          if test "x$apr_cv_ldap_toolkit" = "x"; then
>> > +          AC_EGREP_CPP([IBM], [$lber_h
>> > +                       $ldap_h
>> > +                       LDAP_VENDOR_NAME], [apu_has_ldap_zos="1"
>> > +
>> > apu_ldap_sizelimit="LDAP_NO_LIMIT"
>> > +                                           apr_cv_ldap_toolkit="ZOS"])
>> > +        fi
>> > +        if test "x$apr_cv_ldap_toolkit" = "x"; then
>> >            apu_has_ldap_other="1"
>> > +          apu_ldap_sizelimit="- 1"
>> >            apr_cv_ldap_toolkit="unknown"
>> >          fi
>> > +
>> >        ])
>> >      fi
>> >
>> > @@ - 398,15 +422,20 @@
>> >      LIBS=$save_libs
>> >    ])
>> >
>> > +AC_SUBST(apu_ldap_sizelimit)
>> >  AC_SUBST(ldap_h)
>> >  AC_SUBST(lber_h)
>> >  AC_SUBST(ldap_ssl_h)
>> >
>> > @@ - 415,6 +444,7 @@
>> >  AC_SUBST(apu_has_ldap_microsoft)
>> >  AC_SUBST(apu_has_ldap_netscape)
>> >  AC_SUBST(apu_has_ldap_mozilla)
>> > +AC_SUBST(apu_has_ldap_zos)
>> >  AC_SUBST(apu_has_ldap_other)
>> >
>> >  ])
>> >
>> >
>> >
>> >
>> > And finally this same either way except for the question on #ifndef
>> > APR_LDAP_SIZELIMIT
>> > Index: util_ldap.c
>> > ===================================================================
>> > RCS file: /m0xa/cvs/phoenix/2.2.4/modules/ldap/util_ldap.c,v
>> > retrieving revision 1.3
>> > diff - u - d - b - r1.3 util_ldap.c
>> > ---  util_ldap.c 15 Feb 2007 18:55:41 - 0000      1.3
>> > +++ util_ldap.c 1 Mar 2007 20:19:39 - 0000
>> > @@ - 45,15 +45,8 @@
>> >  #include "unixd.h"
>> >  #endif
>> >
>> > - #ifndef LDAP_NO_LIMIT
>> > - #define LDAP_NO_LIMIT - 1
>> > +#ifndef APR_LDAP_SIZELIMIT
>> > +#define APR_LDAP_SIZELIMIT - 1
>> >  #endif
>> >
>> >  module AP_MODULE_DECLARE_DATA ldap_module;
>> > @@ - 681,7 +681,7 @@
>> >      /* search for reqdn */
>> >      if ((result = ldap_search_ext_s(ldc- >ldap, (char *)reqdn,
>> > LDAP_SCOPE_BASE,
>> >                                      "(objectclass=*)", NULL, 1,
>> > -                                     NULL, NULL, NULL, LDAP_NO_LIMIT,
>> &res))
>> > +                                    NULL, NULL, NULL,
>> APR_LDAP_SIZELIMIT,
>> > &res))
>> >              == LDAP_SERVER_DOWN)
>> >      {
>> >          ldc- >reason = "DN Comparison ldap_search_ext_s() "
>> > @@ - 960,13 +961,14 @@
>> >      if ((result = ldap_search_ext_s(ldc- >ldap,
>> >                                      (char *)basedn, scope,
>> >                                      (char *)filter, attrs, 0,
>> > -                                     NULL, NULL, NULL, LDAP_NO_LIMIT,
>> &res))
>> > +                                    NULL, NULL, NULL,
>> APR_LDAP_SIZELIMIT,
>> > &res))
>> >              == LDAP_SERVER_DOWN)
>> >      {
>> >          ldc- >reason = "ldap_search_ext_s() for user failed with server
>> > down";
>> >
>> > @@ - 1200,14 +1202,14 @@
>> >      if ((result = ldap_search_ext_s(ldc- >ldap,
>> >                                      (char *)basedn, scope,
>> >                                      (char *)filter, attrs, 0,
>> > -                                     NULL, NULL, NULL, LDAP_NO_LIMIT,
>> &res))
>> > +                                    NULL, NULL, NULL,
>> APR_LDAP_SIZELIMIT,
>> > &res))
>> >              == LDAP_SERVER_DOWN)
>> >      {
>> >          ldc- >reason = "ldap_search_ext_s() for user failed with server
>> > down"
>>
>>
>>



Mime
View raw message