#include "slap.h"
int
-get_limits(
+limits_get(
Operation *op,
struct berval *ndn,
struct slap_limits_set **limit
}
static int
-add_limits(
+limits_add(
Backend *be,
unsigned flags,
const char *pattern,
}
int
-parse_limits(
+limits_parse(
Backend *be,
const char *fname,
int lineno,
/* get the limits */
for ( i = 2; i < argc; i++ ) {
- if ( parse_limit( argv[i], &limit ) ) {
+ if ( limits_parse_one( argv[i], &limit ) ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT,
limit.lms_s_hard = limit.lms_s_soft;
}
- rc = add_limits( be, flags, pattern, group_oc, group_ad, &limit );
+ rc = limits_add( be, flags, pattern, group_oc, group_ad, &limit );
if ( rc ) {
#ifdef NEW_LOGGING
}
int
-parse_limit(
+limits_parse_one(
const char *arg,
struct slap_limits_set *limit
)
return 0;
}
+
+int
+limits_check( Operation *op, SlapReply *rs )
+{
+ /* allow root to set no limit */
+ if ( be_isroot( op->o_bd, &op->o_ndn ) ) {
+ op->ors_limit = NULL;
+
+ if ( op->ors_tlimit == 0 ) {
+ op->ors_tlimit = -1;
+ }
+
+ if ( op->ors_slimit == 0 ) {
+ op->ors_slimit = -1;
+ }
+
+ /* if not root, get appropriate limits */
+ } else {
+ ( void ) limits_get( op, &op->o_ndn, &op->ors_limit );
+
+ assert( op->ors_limit != NULL );
+
+ /* if no limit is required, use soft limit */
+ if ( op->ors_tlimit <= 0 ) {
+ op->ors_tlimit = op->ors_limit->lms_t_soft;
+
+ /* if requested limit higher than hard limit, abort */
+ } else if ( op->ors_tlimit > op->ors_limit->lms_t_hard ) {
+ /* no hard limit means use soft instead */
+ if ( op->ors_limit->lms_t_hard == 0
+ && op->ors_limit->lms_t_soft > -1
+ && op->ors_tlimit > op->ors_limit->lms_t_soft ) {
+ op->ors_tlimit = op->ors_limit->lms_t_soft;
+
+ /* positive hard limit means abort */
+ } else if ( op->ors_limit->lms_t_hard > 0 ) {
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_ldap_result( op, rs );
+ rs->sr_err = LDAP_SUCCESS;
+ return -1;
+ }
+
+ /* negative hard limit means no limit */
+ }
+
+ /* if no limit is required, use soft limit */
+ if ( op->ors_slimit <= 0 ) {
+ if ( get_pagedresults( op ) && op->ors_limit->lms_s_pr != 0 ) {
+ op->ors_slimit = op->ors_limit->lms_s_pr;
+ } else {
+ op->ors_slimit = op->ors_limit->lms_s_soft;
+ }
+
+ /* if requested limit higher than hard limit, abort */
+ } else if ( op->ors_slimit > op->ors_limit->lms_s_hard ) {
+ /* no hard limit means use soft instead */
+ if ( op->ors_limit->lms_s_hard == 0
+ && op->ors_limit->lms_s_soft > -1
+ && op->ors_slimit > op->ors_limit->lms_s_soft ) {
+ op->ors_slimit = op->ors_limit->lms_s_soft;
+
+ /* positive hard limit means abort */
+ } else if ( op->ors_limit->lms_s_hard > 0 ) {
+ rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
+ send_ldap_result( op, rs );
+ rs->sr_err = LDAP_SUCCESS;
+ return -1;
+ }
+
+ /* negative hard limit means no limit */
+ }
+ }
+
+ return 0;
+}
+
/*
* limits.c
*/
-LDAP_SLAPD_F (int) get_limits LDAP_P((
+LDAP_SLAPD_F (int) limits_get LDAP_P((
Operation *op, struct berval *ndn,
struct slap_limits_set **limit ));
-LDAP_SLAPD_F (int) parse_limits LDAP_P((
+LDAP_SLAPD_F (int) limits_parse LDAP_P((
Backend *be, const char *fname, int lineno,
int argc, char **argv ));
-LDAP_SLAPD_F (int) parse_limit LDAP_P(( const char *arg,
+LDAP_SLAPD_F (int) limits_parse_one LDAP_P(( const char *arg,
struct slap_limits_set *limit ));
+LDAP_SLAPD_F (int) limits_check LDAP_P((
+ Operation *op, SlapReply *rs ));
/*
* lock.c
}
#endif /* LDAP_SLAPI */
- /* allow root to set no limit */
- if ( be_isroot( op->o_bd, &op->o_ndn ) ) {
- op->ors_limit = NULL;
-
- if ( op->ors_tlimit == 0 ) {
- op->ors_tlimit = -1;
- }
-
- if ( op->ors_slimit == 0 ) {
- op->ors_slimit = -1;
- }
-
- /* if not root, get appropriate limits */
- } else {
- ( void ) get_limits( op, &op->o_ndn, &op->ors_limit );
-
- assert( op->ors_limit != NULL );
-
- /* if no limit is required, use soft limit */
- if ( op->ors_tlimit <= 0 ) {
- op->ors_tlimit = op->ors_limit->lms_t_soft;
-
- /* if requested limit higher than hard limit, abort */
- } else if ( op->ors_tlimit > op->ors_limit->lms_t_hard ) {
- /* no hard limit means use soft instead */
- if ( op->ors_limit->lms_t_hard == 0
- && op->ors_limit->lms_t_soft > -1
- && op->ors_tlimit > op->ors_limit->lms_t_soft ) {
- op->ors_tlimit = op->ors_limit->lms_t_soft;
-
- /* positive hard limit means abort */
- } else if ( op->ors_limit->lms_t_hard > 0 ) {
- rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- rs->sr_err = LDAP_SUCCESS;
- goto return_results;
- }
-
- /* negative hard limit means no limit */
- }
-
- /* if no limit is required, use soft limit */
- if ( op->ors_slimit <= 0 ) {
- if ( get_pagedresults( op ) && op->ors_limit->lms_s_pr != 0 ) {
- op->ors_slimit = op->ors_limit->lms_s_pr;
- } else {
- op->ors_slimit = op->ors_limit->lms_s_soft;
- }
-
- /* if requested limit higher than hard limit, abort */
- } else if ( op->ors_slimit > op->ors_limit->lms_s_hard ) {
- /* no hard limit means use soft instead */
- if ( op->ors_limit->lms_s_hard == 0
- && op->ors_limit->lms_s_soft > -1
- && op->ors_slimit > op->ors_limit->lms_s_soft ) {
- op->ors_slimit = op->ors_limit->lms_s_soft;
-
- /* positive hard limit means abort */
- } else if ( op->ors_limit->lms_s_hard > 0 ) {
- rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED;
- send_ldap_result( op, rs );
- rs->sr_err = LDAP_SUCCESS;
- goto return_results;
- }
-
- /* negative hard limit means no limit */
- }
- }
-
/* actually do the search and send the result(s) */
- if ( op->o_bd->be_search ) {
+ if ( op->o_bd->be_search && limits_check( op, rs ) == 0 ) {
(op->o_bd->be_search)( op, rs );
} else {
send_ldap_error( op, rs, LDAP_UNWILLING_TO_PERFORM,
projects / openldap / commitdiff