From 5d8a8500d6850d1cc09337f28a61c451599a193a Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Mon, 19 Apr 2004 22:13:19 +0000 Subject: [PATCH] Update slapd limits handling (from Ando) --- CHANGES | 3 +- servers/slapd/limits.c | 122 ++++++++++++++++++++++++++++++++++++----- 2 files changed, 111 insertions(+), 14 deletions(-) diff --git a/CHANGES b/CHANGES index 20080713b6..e3188aefff 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,7 @@ OpenLDAP 2.2 Change Log OpenLDAP 2.2.11 Engineering Fixed slapd undefined objectclass bug (ITS#3097) + Updated slapd limits handling OpenLDAP 2.2.10 Release Build Environment @@ -27,7 +28,7 @@ OpenLDAP 2.2.9 Release Fixed libldap parse_oid core dump bug (ITS#3065) Fixed ldapmodify missing error information bug (ITS#3057) Fixed ldapsearch paged results error handling - Updated slapd limits + Updated slapd limits handling Updated slapd overlay framework Added slapd Delivery Method syntax validation (ITS#3052) Added libldap ditContentRule oidMacro support (ITS#2920) diff --git a/servers/slapd/limits.c b/servers/slapd/limits.c index 854c48c920..55fce61705 100644 --- a/servers/slapd/limits.c +++ b/servers/slapd/limits.c @@ -23,6 +23,42 @@ #include "slap.h" +static char * +limits2str( unsigned i ) +{ + switch ( i ) { + case SLAP_LIMITS_UNDEFINED: + return "UNDEFINED"; + + case SLAP_LIMITS_EXACT: + return "EXACT"; + + case SLAP_LIMITS_ONE: + return "ONELEVEL"; + + case SLAP_LIMITS_SUBTREE: + return "SUBTREE"; + + case SLAP_LIMITS_CHILDREN: + return "CHILDREN"; + + case SLAP_LIMITS_REGEX: + return "REGEX"; + + case SLAP_LIMITS_ANONYMOUS: + return "ANONYMOUS"; + + case SLAP_LIMITS_USERS: + return "USERS"; + + case SLAP_LIMITS_ANY: + return "ANY"; + + default: + return "UNKNOWN"; + } +} + int limits_get( Operation *op, @@ -35,6 +71,16 @@ limits_get( assert( op ); assert( limit ); +#ifdef NEW_LOGGING + LDAP_LOG( SLAPD, DETAIL1, "==> limits_get: conn=%lu op=%lu dn=\"%s\"\n", + op->o_connid, op->o_opid, + BER_BVISNULL( ndn ) ? "[anonymous]" : ndn->bv_val ); + +#else + Debug( LDAP_DEBUG_TRACE, "==> limits_get: conn=%lu op=%lu dn=\"%s\"\n", + op->o_connid, op->o_opid, + BER_BVISNULL( ndn ) ? "[anonymous]" : ndn->bv_val ); +#endif /* * default values */ @@ -63,13 +109,35 @@ limits_get( lm[0]->lm_group_ad ); if ( rc == 0 ) { *limit = &lm[0]->lm_limits; +#ifdef NEW_LOGGING + LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=GROUP match=EXACT " + "dn=\"%s\" oc=\"%s\" ad=\"%s\"\n", + lm[0]->lm_pat.bv_val, + lm[0]->lm_group_oc->soc_cname.bv_val, + lm[0]->lm_group_ad->ad_cname.bv_val ); +#else + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=GROUP match=EXACT " + "dn=\"%s\" oc=\"%s\" ad=\"%s\"\n", + lm[0]->lm_pat.bv_val, + lm[0]->lm_group_oc->soc_cname.bv_val, + lm[0]->lm_group_ad->ad_cname.bv_val ); + +#endif return( 0 ); } - } + } else { - if ( dn_match( &lm[0]->lm_pat, ndn ) ) { - *limit = &lm[0]->lm_limits; - return( 0 ); + if ( dn_match( &lm[0]->lm_pat, ndn ) ) { + *limit = &lm[0]->lm_limits; +#ifdef NEW_LOGGING + LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=EXACT dn=\"%s\"\n", + lm[0]->lm_pat.bv_val, 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=EXACT dn=\"%s\"\n", + lm[0]->lm_pat.bv_val, 0, 0 ); +#endif + return( 0 ); + } } break; @@ -119,6 +187,13 @@ limits_get( } *limit = &lm[0]->lm_limits; +#ifdef NEW_LOGGING + LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s dn=\"%s\"\n", + limits2str( style ), lm[0]->lm_pat.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s dn=\"%s\"\n", + limits2str( style ), lm[0]->lm_pat.bv_val, 0 ); +#endif return( 0 ); } @@ -133,12 +208,26 @@ limits_get( 0, NULL, 0 ) == 0 ) { *limit = &lm[0]->lm_limits; +#ifdef NEW_LOGGING + LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s dn=\"%s\"\n", + limits2str( style ), lm[0]->lm_pat.bv_val, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s dn=\"%s\"\n", + limits2str( style ), lm[0]->lm_pat.bv_val, 0 ); +#endif return( 0 ); } break; case SLAP_LIMITS_ANONYMOUS: if ( ndn->bv_len == 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s\n", + limits2str( style ), 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s\n", + limits2str( style ), 0, 0 ); +#endif *limit = &lm[0]->lm_limits; return( 0 ); } @@ -147,6 +236,13 @@ limits_get( case SLAP_LIMITS_USERS: if ( ndn->bv_len != 0 ) { *limit = &lm[0]->lm_limits; +#ifdef NEW_LOGGING + LDAP_LOG( SLAPD, DETAIL1, "<== limits_get: type=DN match=%s\n", + limits2str( style ), 0, 0 ); +#else + Debug( LDAP_DEBUG_TRACE, "<== limits_get: type=DN match=%s\n", + limits2str( style ), 0, 0 ); +#endif return( 0 ); } break; @@ -985,7 +1081,7 @@ limits_check( Operation *op, SlapReply *rs ) pr_total = op->ors_limit->lms_s_pr_total; } - if ( op->ors_limit->lms_s_pr_total == -1 ) { + if ( pr_total == -1 ) { slimit = -1; } else if ( pr_total > 0 && ( op->ors_slimit == -1 || op->ors_slimit > pr_total ) ) { @@ -1047,19 +1143,19 @@ limits_check( Operation *op, SlapReply *rs ) if ( op->ors_slimit <= 0 ) { op->ors_slimit = slimit; - } else if ( op->ors_slimit - op->o_pagedresults_state.ps_count > slimit ) { - rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; - send_ldap_result( op, rs ); - rs->sr_err = LDAP_SUCCESS; - return -1; - - } else { + } else if ( slimit > 0 ) { + if ( op->ors_slimit - op->o_pagedresults_state.ps_count > slimit ) { + rs->sr_err = LDAP_ADMINLIMIT_EXCEEDED; + send_ldap_result( op, rs ); + rs->sr_err = LDAP_SUCCESS; + return -1; + } op->ors_slimit = slimit; } } else { /* use the standard hard/soft limit if any */ - op->ors_slimit = op->ors_limit->lms_s_hard; + op->ors_slimit = pr_total; } /* no limit requested: use soft, whatever it is */ -- 2.39.2