/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Copyright 1998-2005 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
assert( op );
assert( limit );
-#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, DETAIL1, "==> limits_get: conn=%lu op=%lu dn=\"%s\"\n",
- op->o_connid, op->o_opid,
- BER_BVISNULL( ndn ) ? "[anonymous]" : ndn->bv_val );
-
-#else
- Debug( LDAP_DEBUG_TRACE, "==> limits_get: conn=%lu op=%lu dn=\"%s\"\n",
- op->o_connid, op->o_opid,
- BER_BVISNULL( ndn ) ? "[anonymous]" : ndn->bv_val );
-#endif
+ Debug( LDAP_DEBUG_TRACE, "==> limits_get: %s dn=\"%s\"\n",
+ op->o_log_prefix,
+ BER_BVISNULL( ndn ) ? "[anonymous]" : ndn->bv_val, 0 );
/*
* default values
*/
lm[0]->lm_group_ad );
if ( rc == 0 ) {
*limit = &lm[0]->lm_limits;
-#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=GROUP match=EXACT "
- "dn=\"%s\" oc=\"%s\" ad=\"%s\"\n",
- lm[0]->lm_pat.bv_val,
- lm[0]->lm_group_oc->soc_cname.bv_val,
- lm[0]->lm_group_ad->ad_cname.bv_val );
-#else
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=GROUP match=EXACT "
"dn=\"%s\" oc=\"%s\" ad=\"%s\"\n",
lm[0]->lm_pat.bv_val,
lm[0]->lm_group_oc->soc_cname.bv_val,
lm[0]->lm_group_ad->ad_cname.bv_val );
-#endif
return( 0 );
}
} else {
if ( dn_match( &lm[0]->lm_pat, ndn ) ) {
*limit = &lm[0]->lm_limits;
-#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=EXACT dn=\"%s\"\n",
- lm[0]->lm_pat.bv_val, 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=EXACT dn=\"%s\"\n",
lm[0]->lm_pat.bv_val, 0, 0 );
-#endif
return( 0 );
}
}
}
*limit = &lm[0]->lm_limits;
-#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s dn=\"%s\"\n",
- limits2str( style ), lm[0]->lm_pat.bv_val, 0 );
-#else
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s dn=\"%s\"\n",
limits2str( style ), lm[0]->lm_pat.bv_val, 0 );
-#endif
return( 0 );
}
0, NULL, 0 ) == 0 )
{
*limit = &lm[0]->lm_limits;
-#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s dn=\"%s\"\n",
- limits2str( style ), lm[0]->lm_pat.bv_val, 0 );
-#else
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s dn=\"%s\"\n",
limits2str( style ), lm[0]->lm_pat.bv_val, 0 );
-#endif
return( 0 );
}
break;
case SLAP_LIMITS_ANONYMOUS:
if ( ndn->bv_len == 0 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s\n",
- limits2str( style ), 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s\n",
limits2str( style ), 0, 0 );
-#endif
*limit = &lm[0]->lm_limits;
return( 0 );
}
case SLAP_LIMITS_USERS:
if ( ndn->bv_len != 0 ) {
*limit = &lm[0]->lm_limits;
-#ifdef NEW_LOGGING
- LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s\n",
- limits2str( style ), 0, 0 );
-#else
Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s\n",
limits2str( style ), 0, 0 );
-#endif
return( 0 );
}
break;
assert( be );
if ( argc < 3 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s : line %d: missing arg(s) in "
- "\"limits <pattern> <limits>\" line.\n", fname, lineno, 0 );
-#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: missing arg(s) in "
"\"limits <pattern> <limits>\" line.\n%s",
fname, lineno, "" );
-#endif
return( -1 );
}
pattern += STRLENOF( "level" );
} else {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, WARNING ,
- "%s : line %d: deprecated \"one\" style "
- "\"limits <pattern> <limits>\" line; "
- "use \"onelevel\" instead.\n", fname, lineno, 0 );
-#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: deprecated \"one\" style "
"\"limits <pattern> <limits>\" line; "
"use \"onelevel\" instead.\n", fname, lineno, 0 );
-#endif
}
} else if ( strncasecmp( pattern, "sub", STRLENOF( "sub" ) ) == 0 ) {
pattern += STRLENOF( "tree" );
} else {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, WARNING ,
- "%s : line %d: deprecated \"sub\" style "
- "\"limits <pattern> <limits>\" line; "
- "use \"subtree\" instead.\n", fname, lineno, 0 );
-#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: deprecated \"sub\" style "
"\"limits <pattern> <limits>\" line; "
"use \"subtree\" instead.\n", fname, lineno, 0 );
-#endif
}
} else if ( strncasecmp( pattern, "children", STRLENOF( "children" ) ) == 0 ) {
default:
if ( pattern[0] != '=' ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s : line %d: missing '=' in "
- "\"dn[.{exact|base|onelevel|subtree"
- "|children|regex|anonymous}]" "=<pattern>\" in "
- "\"limits <pattern> <limits>\" line.\n", fname, lineno, 0 );
-#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: missing '=' in "
"\"dn[.{exact|base|onelevel|subtree"
"\"limits <pattern> <limits>\" "
"line.\n%s",
fname, lineno, "" );
-#endif
return( -1 );
}
struct berval oc, ad;
oc.bv_val = pattern + 1;
+ pattern = strchr( pattern, '=' );
+ if ( pattern == NULL ) {
+ return -1;
+ }
- ad.bv_val = strchr(pattern, '/');
+ ad.bv_val = strchr( oc.bv_val, '/' );
if ( ad.bv_val != NULL ) {
const char *text = NULL;
int rc;
oc.bv_len = ad.bv_val - oc.bv_val;
ad.bv_val++;
- ad.bv_len = strlen( ad.bv_val );
+ ad.bv_len = pattern - ad.bv_val;
rc = slap_bv2ad( &ad, &group_ad, &text );
if ( rc != LDAP_SUCCESS ) {
goto no_ad;
}
- pattern = ad.bv_val + ad.bv_len;
-
} else {
- oc.bv_len = strlen( oc.bv_val );
-
- pattern = oc.bv_val + oc.bv_len;
+ oc.bv_len = pattern - oc.bv_val;
}
group_oc = oc_bvfind( &oc );
flags = SLAP_LIMITS_TYPE_GROUP | SLAP_LIMITS_EXACT;
if ( pattern[0] != '=' ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s : line %d: missing '=' in "
- "\"group[/objectClass[/attributeType]]"
- "=<pattern>\" in "
- "\"limits <pattern> <limits>\" line.\n",
- fname, lineno, 0 );
-#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: missing '=' in "
"\"group[/objectClass[/attributeType]]"
"=<pattern>\" in "
"\"limits <pattern> <limits>\" line.\n",
fname, lineno, 0 );
-#endif
return( -1 );
}
for ( i = 2; i < argc; i++ ) {
if ( limits_parse_one( argv[i], &limit ) ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s : line %d: unknown limit values \"%s\" in "
- "\"limits <pattern> <limits>\" line.\n",
- fname, lineno, argv[i] );
-#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: unknown limit values \"%s\" in "
"\"limits <pattern> <limits>\" line.\n",
fname, lineno, argv[i] );
-#endif
return( 1 );
}
rc = limits_add( be, flags, pattern, group_oc, group_ad, &limit );
if ( rc ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s : line %d: unable to add limit in "
- "\"limits <pattern> <limits>\" line.\n",
- fname, lineno, 0 );
-#else
Debug( LDAP_DEBUG_ANY,
"%s : line %d: unable to add limit in "
"\"limits <pattern> <limits>\" line.\n",
fname, lineno, 0 );
-#endif
}
return( rc );
}
/* if paged results is requested */
- if ( get_pagedresults( op ) > SLAP_NO_CONTROL ) {
+ if ( get_pagedresults( op ) > SLAP_CONTROL_IGNORED ) {
int slimit = -2;
int pr_total;
+ PagedResultsState *ps = op->o_pagedresults_state;
/* paged results is not allowed */
if ( op->ors_limit->lms_s_pr_total == -2 ) {
return -1;
}
- if ( op->ors_limit->lms_s_pr > 0 && op->o_pagedresults_size > op->ors_limit->lms_s_pr ) {
+ if ( op->ors_limit->lms_s_pr > 0 && ps->ps_size > op->ors_limit->lms_s_pr ) {
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
rs->sr_text = "illegal pagedResults page size";
send_ldap_result( op, rs );
slimit = -1;
} else {
- slimit = op->ors_slimit - op->o_pagedresults_state.ps_count;
+ slimit = op->ors_slimit - ps->ps_count;
}
#ifdef ABOVE_HARD_LIMIT_IS_ERROR
slimit2 = op->ors_slimit;
}
- total = slimit2 - op->o_pagedresults_state.ps_count;
+ total = slimit2 - ps->ps_count;
if ( total >= 0 ) {
if ( op->ors_limit->lms_s_pr > 0 ) {
op->ors_slimit = slimit;
} else if ( slimit > 0 ) {
- if ( op->ors_slimit - op->o_pagedresults_state.ps_count > slimit ) {
+ if ( op->ors_slimit - ps->ps_count > slimit ) {
rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
send_ldap_result( op, rs );
rs->sr_err = LDAP_SUCCESS;