From: Kurt Zeilenga Date: Mon, 4 Jun 2001 19:09:47 +0000 (+0000) Subject: Add sb_max incoming X-Git-Tag: OPENLDAP_REL_ENG_2_0_12~67 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=bc06053f52e5cba568449af595f5547c219ad803;p=openldap Add sb_max incoming --- diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index b7c4315ed1..d757028f59 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -241,12 +241,20 @@ do_bind( if( rc == LDAP_SUCCESS ) { ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + conn->c_dn = edn; conn->c_authmech = mech; conn->c_sasl_ssf = ssf; if( ssf > conn->c_ssf ) { conn->c_ssf = ssf; } + + if( conn->c_dn != NULL ) { + ber_len_t max = sockbuf_max_incoming; + ber_sockbuf_ctrl( conn->c_sb, + LBER_SB_OPT_SET_MAX_INCOMING, &max ); + } + ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); } else if ( rc == LDAP_SASL_BIND_IN_PROGRESS ) { @@ -407,6 +415,12 @@ do_bind( ndn = NULL; } + if( conn->c_dn != NULL ) { + ber_len_t max = sockbuf_max_incoming; + ber_sockbuf_ctrl( conn->c_sb, + LBER_SB_OPT_SET_MAX_INCOMING, &max ); + } + Debug( LDAP_DEBUG_TRACE, "do_bind: v%d bind: \"%s\" to \"%s\"\n", version, conn->c_cdn, conn->c_dn ); diff --git a/servers/slapd/config.c b/servers/slapd/config.c index 76dd0dbaf1..1017736560 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -41,6 +41,7 @@ char *default_search_base = NULL; char *default_search_nbase = NULL; ber_len_t sockbuf_max_incoming = SLAP_SB_MAX_INCOMING_DEFAULT; +ber_len_t sockbuf_max_incoming_auth= SLAP_SB_MAX_INCOMING_AUTH; char *slapd_pid_file = NULL; char *slapd_args_file = NULL; @@ -172,15 +173,9 @@ read_config( const char *fname ) } else if ( strcasecmp( cargv[0], "sockbuf_max_incoming" ) == 0 ) { long max; if ( cargc < 2 ) { -#ifdef NEW_LOGGING - LDAP_LOG(( "config", LDAP_LEVEL_CRIT, - "%s: line %d: missing max in \"sockbuf_max_incoming \" line.\n", - fname, lineno, max )); -#else Debug( LDAP_DEBUG_ANY, "%s: line %d: invalid max value (%ld) in " "\"sockbuf_max_incoming \" line.\n", fname, lineno, max ); -#endif return( 1 ); } sockbuf_max_incoming = max; + /* set sockbuf max authenticated */ + } else if ( strcasecmp( cargv[0], "sockbuf_max_incoming_auth" ) == 0 ) { + long max; + if ( cargc < 2 ) { + Debug( LDAP_DEBUG_ANY, + "%s: line %d: missing max in \"sockbuf_max_incoming_auth \" line\n", + fname, lineno, 0 ); + + return( 1 ); + } + + max = atol( cargv[1] ); + + if( max < 0 ) { + Debug( LDAP_DEBUG_ANY, + "%s: line %d: invalid max value (%ld) in " + "\"sockbuf_max_incoming_auth \" line.\n", + fname, lineno, max ); + + return( 1 ); + } + + sockbuf_max_incoming_auth = max; + /* default search base */ } else if ( strcasecmp( cargv[0], "defaultSearchBase" ) == 0 ) { if ( cargc < 2 ) { diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index b282cf6970..0d95090815 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -488,6 +488,11 @@ void connection2anonymous( Connection *c ) assert( connections != NULL ); assert( c != NULL ); + { + ber_len_t max = sockbuf_max_incoming; + ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); + } + if(c->c_authmech != NULL ) { free(c->c_authmech); c->c_authmech = NULL; diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index dd1c6beaed..3688cab747 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -768,7 +768,10 @@ LDAP_SLAPD_F (int) krbv4_ldap_auth(); * Other... */ #define SLAP_SB_MAX_INCOMING_DEFAULT (1<<18 - 1) +#define SLAP_SB_MAX_INCOMING_AUTH (1<<24 - 1) + LDAP_SLAPD_F (ber_len_t) sockbuf_max_incoming; +LDAP_SLAPD_F (ber_len_t) sockbuf_max_incoming_auth; LDAP_SLAPD_F (slap_mask_t) global_restrictops; LDAP_SLAPD_F (slap_mask_t) global_allows;