ldap/schema ldap/servers
by Richard Allen Megginson
ldap/schema/02common.ldif | 5 +-
ldap/servers/slapd/back-ldbm/back-ldbm.h | 8 +++
ldap/servers/slapd/back-ldbm/ldbm_config.c | 52 ++++++++++++++++++++++++
ldap/servers/slapd/back-ldbm/ldbm_config.h | 2
ldap/servers/slapd/back-ldbm/ldbm_search.c | 28 ++++++++++++-
ldap/servers/slapd/back-ldbm/start.c | 20 +++++++++
ldap/servers/slapd/backend.c | 6 ++
ldap/servers/slapd/libglobs.c | 61 ++++++++++++++++++++++++++++-
ldap/servers/slapd/opshared.c | 29 ++++++++++---
ldap/servers/slapd/proto-slap.h | 2
ldap/servers/slapd/slap.h | 3 +
ldap/servers/slapd/slapi-private.h | 1
12 files changed, 208 insertions(+), 9 deletions(-)
New commits:
commit 4dc166b51794ca5920572f6c9196eabcac25ea9e
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Sep 30 08:30:16 2011 -0600
Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
https://bugzilla.redhat.com/show_bug.cgi?id=740942
Resolves: bug 740942
Bug Description: allow resource limits to be set for paged searches independently of limits for other searches/operations
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: There are now 6 new configuration variables that control
global and per-user limits for simple paged result searches. If these are
not present or set to 0, the corresponding non-paged limit will be used
instead. For example, if nsslapd-pagedsizelimit is not set,
nsslapd-sizelimit will be used. This keeps the previous behavior when the
new paged limits are not set.
cn=config/operational per user
nsslapd-pagedsizelimit/nsPagedSizeLimit - maximum number of entries returned
by a paged search
cn=config,cn=ldbm database,cn=plugins,cn=config/operational per user
nsslapd-pagedlookthroughlimit/nsPagedLookThroughLimit - maximum number of
entries retrieved from the database by a simple paged result search
nsslapd-pagedidlistscanlimit/nsPagedIDListScanLimit - maximum size of an ID
list that can be loaded by a simple paged result search
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: Yes - will need to document the new attributes
diff --git a/ldap/schema/02common.ldif b/ldap/schema/02common.ldif
index 0193091..db8ea19 100644
--- a/ldap/schema/02common.ldif
+++ b/ldap/schema/02common.ldif
@@ -123,7 +123,10 @@ attributeTypes: ( 2.16.840.1.113730.3.1.570 NAME 'nsLookThroughLimit' DESC 'Bind
attributeTypes: ( 2.16.840.1.113730.3.1.571 NAME 'nsSizeLimit' DESC 'Binder-based search operation size limit (entries)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.572 NAME 'nsTimeLimit' DESC 'Binder-based search operation time limit (seconds)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.573 NAME 'nsIdleTimeout' DESC 'Binder-based connection idle timeout (seconds)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.2106 NAME 'nsIDListScanLimit' DESC 'Binder-based search operation ID list scan limit (candidate entries)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2106 NAME 'nsIDListScanLimit' DESC 'Binder-based search operation ID list scan limit (candidate entries)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN '389' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2107 NAME 'nsPagedSizeLimit' DESC 'Binder-based simple paged search operation size limit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN '389' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2108 NAME 'nsPagedLookThroughLimit' DESC 'Binder-based simple paged search operation look through limit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN '389' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2109 NAME 'nsPagedIDListScanLimit' DESC 'Binder-based simple paged search operation ID list scan limit' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE USAGE directoryOperation X-ORIGIN '389' )
attributeTypes: ( 2.16.840.1.113730.3.1.574 NAME 'nsRole' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 NO-USER-MODIFICATION USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.575 NAME 'nsRoleDN' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 USAGE directoryOperation X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.576 NAME 'nsRoleFilter' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
diff --git a/ldap/servers/slapd/back-ldbm/back-ldbm.h b/ldap/servers/slapd/back-ldbm/back-ldbm.h
index e6cab21..f5668d2 100644
--- a/ldap/servers/slapd/back-ldbm/back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/back-ldbm.h
@@ -635,6 +635,10 @@ struct ldbminfo {
int li_legacy_errcode; /* 615428 -- in case legacy err code is expected */
Slapi_Counter *li_global_usn_counter; /* global USN counter */
int li_reslimit_allids_handle; /* allids aka idlistscan */
+ int li_pagedlookthroughlimit;
+ int li_pagedallidsthreshold;
+ int li_reslimit_pagedlookthrough_handle;
+ int li_reslimit_pagedallids_handle; /* allids aka idlistscan */
};
/* li_flags could store these bits defined in ../slapi-plugin.h
@@ -804,6 +808,10 @@ typedef struct _back_search_result_set
#define LDBM_LOOKTHROUGHLIMIT_AT "nsLookThroughLimit"
/* Name of attribute type used for binder-based look through limit */
#define LDBM_ALLIDSLIMIT_AT "nsIDListScanLimit"
+/* Name of attribute type used for binder-based look through simple paged limit */
+#define LDBM_PAGEDLOOKTHROUGHLIMIT_AT "nsPagedLookThroughLimit"
+/* Name of attribute type used for binder-based look through simple paged limit */
+#define LDBM_PAGEDALLIDSLIMIT_AT "nsPagedIDListScanLimit"
/* OIDs for attribute types used internally */
#define LDBM_ENTRYDN_OID "2.16.840.1.113730.3.1.602"
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.c b/ldap/servers/slapd/back-ldbm/ldbm_config.c
index 44cda4c..83dbddd 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_config.c
@@ -165,6 +165,28 @@ static int ldbm_config_lookthroughlimit_set(void *arg, void *value, char *errorb
return retval;
}
+static void *ldbm_config_pagedlookthroughlimit_get(void *arg)
+{
+ struct ldbminfo *li = (struct ldbminfo *) arg;
+
+ return (void *) ((uintptr_t)(li->li_pagedlookthroughlimit));
+}
+
+static int ldbm_config_pagedlookthroughlimit_set(void *arg, void *value, char *errorbuf, int phase, int apply)
+{
+ struct ldbminfo *li = (struct ldbminfo *) arg;
+ int retval = LDAP_SUCCESS;
+ int val = (int) ((uintptr_t)value);
+
+ /* Do whatever we can to make sure the data is ok. */
+
+ if (apply) {
+ li->li_pagedlookthroughlimit = val;
+ }
+
+ return retval;
+}
+
static void *ldbm_config_mode_get(void *arg)
{
struct ldbminfo *li = (struct ldbminfo *) arg;
@@ -214,6 +236,34 @@ static int ldbm_config_allidsthreshold_set(void *arg, void *value, char *errorbu
return retval;
}
+static void *ldbm_config_pagedallidsthreshold_get(void *arg)
+{
+ struct ldbminfo *li = (struct ldbminfo *) arg;
+
+ return (void *) ((uintptr_t)(li->li_pagedallidsthreshold));
+}
+
+static int ldbm_config_pagedallidsthreshold_set(void *arg, void *value, char *errorbuf, int phase, int apply)
+{
+ struct ldbminfo *li = (struct ldbminfo *) arg;
+ int retval = LDAP_SUCCESS;
+ int val = (int) ((uintptr_t)value);
+
+ /* Do whatever we can to make sure the data is ok. */
+
+ /* Catch attempts to configure a stupidly low pagedallidsthreshold */
+ /* value of 0 means turn off separate paged value and use regular allids value */
+ if ((val > 0) && (val < 100)) {
+ val = 100;
+ }
+
+ if (apply) {
+ li->li_pagedallidsthreshold = val;
+ }
+
+ return retval;
+}
+
static void *ldbm_config_directory_get(void *arg)
{
struct ldbminfo *li = (struct ldbminfo *) arg;
@@ -1279,6 +1329,8 @@ static config_info ldbm_config[] = {
{CONFIG_USE_LEGACY_ERRORCODE, CONFIG_TYPE_ONOFF, "off", &ldbm_config_legacy_errcode_get, &ldbm_config_legacy_errcode_set, 0},
{CONFIG_ENTRYRDN_SWITCH, CONFIG_TYPE_ONOFF, "on", &ldbm_config_entryrdn_switch_get, &ldbm_config_entryrdn_switch_set, CONFIG_FLAG_ALWAYS_SHOW},
{CONFIG_ENTRYRDN_NOANCESTORID, CONFIG_TYPE_ONOFF, "off", &ldbm_config_entryrdn_noancestorid_get, &ldbm_config_entryrdn_noancestorid_set, 0 /* no show */},
+ {CONFIG_PAGEDLOOKTHROUGHLIMIT, CONFIG_TYPE_INT, "0", &ldbm_config_pagedlookthroughlimit_get, &ldbm_config_pagedlookthroughlimit_set, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE},
+ {CONFIG_PAGEDIDLISTSCANLIMIT, CONFIG_TYPE_INT, "0", &ldbm_config_pagedallidsthreshold_get, &ldbm_config_pagedallidsthreshold_set, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE},
{NULL, 0, NULL, NULL, NULL, 0}
};
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.h b/ldap/servers/slapd/back-ldbm/ldbm_config.h
index ffbc39f..aac085b 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_config.h
+++ b/ldap/servers/slapd/back-ldbm/ldbm_config.h
@@ -85,7 +85,9 @@ struct config_info {
#define CONFIG_INSTANCE "nsslapd-instance"
#define CONFIG_LOOKTHROUGHLIMIT "nsslapd-lookthroughlimit"
+#define CONFIG_PAGEDLOOKTHROUGHLIMIT "nsslapd-pagedlookthroughlimit"
#define CONFIG_IDLISTSCANLIMIT "nsslapd-idlistscanlimit"
+#define CONFIG_PAGEDIDLISTSCANLIMIT "nsslapd-pagedidlistscanlimit"
#define CONFIG_DIRECTORY "nsslapd-directory"
#define CONFIG_MODE "nsslapd-mode"
#define CONFIG_DBCACHESIZE "nsslapd-dbcachesize"
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c
index 94341c5..66ec886 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_search.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c
@@ -71,8 +71,10 @@ compute_lookthrough_limit( Slapi_PBlock *pb, struct ldbminfo *li )
{
Slapi_Connection *conn = NULL;
int limit;
+ Slapi_Operation *op;
slapi_pblock_get( pb, SLAPI_CONNECTION, &conn);
+ slapi_pblock_get( pb, SLAPI_OPERATION, &op);
if ( slapi_reslimit_get_integer_limit( conn,
li->li_reslimit_lookthrough_handle, &limit )
@@ -93,6 +95,18 @@ compute_lookthrough_limit( Slapi_PBlock *pb, struct ldbminfo *li )
}
}
+ if (op && (op->o_flags & OP_FLAG_PAGED_RESULTS)) {
+ if ( slapi_reslimit_get_integer_limit( conn,
+ li->li_reslimit_pagedlookthrough_handle, &limit )
+ != SLAPI_RESLIMIT_STATUS_SUCCESS ) {
+ PR_Lock(li->li_config_mutex);
+ if (li->li_pagedlookthroughlimit) {
+ limit = li->li_pagedlookthroughlimit;
+ }
+ /* else set above */
+ PR_Unlock(li->li_config_mutex);
+ }
+ }
return( limit );
}
@@ -101,8 +115,10 @@ compute_allids_limit( Slapi_PBlock *pb, struct ldbminfo *li )
{
Slapi_Connection *conn = NULL;
int limit;
+ Slapi_Operation *op;
slapi_pblock_get( pb, SLAPI_CONNECTION, &conn);
+ slapi_pblock_get( pb, SLAPI_OPERATION, &op);
if ( slapi_reslimit_get_integer_limit( conn,
li->li_reslimit_allids_handle, &limit )
@@ -111,7 +127,17 @@ compute_allids_limit( Slapi_PBlock *pb, struct ldbminfo *li )
limit = li->li_allidsthreshold;
PR_Unlock(li->li_config_mutex);
}
-
+ if (op && (op->o_flags & OP_FLAG_PAGED_RESULTS)) {
+ if ( slapi_reslimit_get_integer_limit( conn,
+ li->li_reslimit_pagedallids_handle, &limit )
+ != SLAPI_RESLIMIT_STATUS_SUCCESS ) {
+ PR_Lock(li->li_config_mutex);
+ if (li->li_pagedallidsthreshold) {
+ limit = li->li_pagedallidsthreshold;
+ }
+ PR_Unlock(li->li_config_mutex);
+ }
+ }
return( limit );
}
diff --git a/ldap/servers/slapd/back-ldbm/start.c b/ldap/servers/slapd/back-ldbm/start.c
index 9e18086..dabbca5 100644
--- a/ldap/servers/slapd/back-ldbm/start.c
+++ b/ldap/servers/slapd/back-ldbm/start.c
@@ -96,6 +96,26 @@ ldbm_back_start( Slapi_PBlock *pb )
return SLAPI_FAIL_GENERAL;
}
+ /* register with the binder-based resource limit subsystem so that */
+ /* pagedlookthroughlimit can be supported on a per-connection basis. */
+ if ( slapi_reslimit_register( SLAPI_RESLIMIT_TYPE_INT,
+ LDBM_PAGEDLOOKTHROUGHLIMIT_AT, &li->li_reslimit_pagedlookthrough_handle )
+ != SLAPI_RESLIMIT_STATUS_SUCCESS ) {
+ LDAPDebug( LDAP_DEBUG_ANY, "start: Resource limit registration failed for pagedlookthroughlimit\n",
+ 0, 0, 0 );
+ return SLAPI_FAIL_GENERAL;
+ }
+
+ /* register with the binder-based resource limit subsystem so that */
+ /* pagedallidslimit (aka idlistscanlimit) can be supported on a per-connection basis. */
+ if ( slapi_reslimit_register( SLAPI_RESLIMIT_TYPE_INT,
+ LDBM_PAGEDALLIDSLIMIT_AT, &li->li_reslimit_pagedallids_handle )
+ != SLAPI_RESLIMIT_STATUS_SUCCESS ) {
+ LDAPDebug( LDAP_DEBUG_ANY, "start: Resource limit registration failed for pagedallidslimit\n",
+ 0, 0, 0 );
+ return SLAPI_FAIL_GENERAL;
+ }
+
/* If the db directory hasn't been set yet, we need to set it to
* the default. */
if (NULL == li->li_directory || '\0' == li->li_directory[0]) {
diff --git a/ldap/servers/slapd/backend.c b/ldap/servers/slapd/backend.c
index 6796439..de852c8 100644
--- a/ldap/servers/slapd/backend.c
+++ b/ldap/servers/slapd/backend.c
@@ -74,6 +74,7 @@ be_init( Slapi_Backend *be, const char *type, const char *name, int isprivate, i
"plugin %s, instance %s\n", type, name);
}
be->be_sizelimit = sizelimit;
+ be->be_pagedsizelimit = config_get_pagedsizelimit();
be->be_timelimit = timelimit;
/* maximum group nesting level before giving up */
be->be_maxnestlevel = SLAPD_DEFAULT_GROUPNESTLEVEL;
@@ -582,6 +583,11 @@ void be_set_timelimit(Slapi_Backend * be, int timelimit)
be->be_timelimit = timelimit;
}
+void be_set_pagedsizelimit(Slapi_Backend * be, int sizelimit)
+{
+ be->be_pagedsizelimit = sizelimit;
+}
+
int
slapi_back_get_info(Slapi_Backend *be, int cmd, void **info)
{
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index ce6188b..928d648 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -645,7 +645,10 @@ static struct config_get_and_set {
{CONFIG_VALIDATE_CERT_ATTRIBUTE, config_set_validate_cert_switch,
NULL, 0,
(void**)&global_slapdFrontendConfig.validate_cert, CONFIG_SPECIAL_VALIDATE_CERT_SWITCH,
- (ConfigGetFunc)config_get_validate_cert_switch}
+ (ConfigGetFunc)config_get_validate_cert_switch},
+ {CONFIG_PAGEDSIZELIMIT_ATTRIBUTE, config_set_pagedsizelimit,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.pagedsizelimit, CONFIG_INT, NULL},
#ifdef MEMPOOL_EXPERIMENTAL
,{CONFIG_MEMPOOL_SWITCH_ATTRIBUTE, config_set_mempool_switch,
NULL, 0,
@@ -937,6 +940,7 @@ FrontendConfig_init () {
cfg->slapd_type = 0;
cfg->versionstring = SLAPD_VERSION_STR;
cfg->sizelimit = SLAPD_DEFAULT_SIZELIMIT;
+ cfg->pagedsizelimit = 0;
cfg->timelimit = SLAPD_DEFAULT_TIMELIMIT;
cfg->anon_limits_dn = slapi_ch_strdup("");
cfg->schemacheck = LDAP_ON;
@@ -1594,6 +1598,49 @@ config_set_sizelimit( const char *attrname, char *value, char *errorbuf, int app
return retVal;
}
+int
+config_set_pagedsizelimit( const char *attrname, char *value, char *errorbuf, int apply ) {
+ int retVal = LDAP_SUCCESS;
+ long pagedsizelimit;
+ char *endp = NULL;
+ Slapi_Backend *be;
+ char *cookie;
+
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ if ( config_value_is_null( attrname, value, errorbuf, 0 )) {
+ return LDAP_OPERATIONS_ERROR;
+ }
+
+ errno = 0;
+ pagedsizelimit = strtol(value, &endp, 10);
+
+ if ( *endp != '\0' || errno == ERANGE || pagedsizelimit < -1 ) {
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: \"%s\" is invalid, pagedsizelimit must range from -1 to %ld",
+ attrname, value, LONG_MAX );
+ retVal = LDAP_OPERATIONS_ERROR;
+ return retVal;
+ }
+
+ if (apply) {
+
+ CFG_LOCK_WRITE(slapdFrontendConfig);
+
+ slapdFrontendConfig->pagedsizelimit= pagedsizelimit;
+ cookie = NULL;
+ be = slapi_get_first_backend(&cookie);
+ while (be) {
+ be->be_pagedsizelimit = slapdFrontendConfig->pagedsizelimit;
+ be = slapi_get_next_backend(cookie);
+ }
+
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ slapi_ch_free ((void **)&cookie);
+
+ }
+ return retVal;
+}
+
int
config_set_pw_storagescheme( const char *attrname, char *value, char *errorbuf, int apply ) {
int retVal = LDAP_SUCCESS;
@@ -3729,6 +3776,18 @@ config_get_sizelimit() {
return retVal;
}
+int
+config_get_pagedsizelimit() {
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+ int retVal;
+
+ CFG_LOCK_READ(slapdFrontendConfig);
+ retVal = slapdFrontendConfig->pagedsizelimit;
+ CFG_UNLOCK_READ(slapdFrontendConfig);
+
+ return retVal;
+}
+
char *
config_get_pw_storagescheme() {
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
diff --git a/ldap/servers/slapd/opshared.c b/ldap/servers/slapd/opshared.c
index d533d01..1af97c6 100644
--- a/ldap/servers/slapd/opshared.c
+++ b/ldap/servers/slapd/opshared.c
@@ -1355,6 +1355,7 @@ iterate(Slapi_PBlock *pb, Slapi_Backend *be, int send_result,
static int timelimit_reslimit_handle = -1;
static int sizelimit_reslimit_handle = -1;
+static int pagedsizelimit_reslimit_handle = -1;
/*
* Register size and time limit with the binder-based resource limits
@@ -1363,18 +1364,17 @@ static int sizelimit_reslimit_handle = -1;
int
search_register_reslimits( void )
{
- int rc1, rc2;
+ int rc1, rc2, rc3;
rc1 = slapi_reslimit_register( SLAPI_RESLIMIT_TYPE_INT,
"nsSizeLimit" , &sizelimit_reslimit_handle );
rc2 = slapi_reslimit_register( SLAPI_RESLIMIT_TYPE_INT,
"nsTimeLimit", &timelimit_reslimit_handle );
+ rc3 = slapi_reslimit_register( SLAPI_RESLIMIT_TYPE_INT,
+ "nsPagedSizeLimit", &pagedsizelimit_reslimit_handle );
- if ( rc1 != SLAPI_RESLIMIT_STATUS_SUCCESS ) {
- return( rc1 );
- } else {
- return( rc2 );
- }
+ return (rc1 != SLAPI_RESLIMIT_STATUS_SUCCESS) ? rc1 :
+ ((rc2 != SLAPI_RESLIMIT_STATUS_SUCCESS) ? rc2 : rc3);
}
@@ -1397,11 +1397,13 @@ compute_limits (Slapi_PBlock *pb)
int isCertAuth;
Slapi_ComponentId *component_id = NULL;
Slapi_Backend *be;
+ Slapi_Operation *op;
slapi_pblock_get (pb, SLAPI_SEARCH_TIMELIMIT, &requested_timelimit);
slapi_pblock_get (pb, SLAPI_SEARCH_SIZELIMIT, &requested_sizelimit);
slapi_pblock_get (pb, SLAPI_REQUESTOR_ISROOT, &isroot);
slapi_pblock_get (pb, SLAPI_BACKEND, &be);
+ slapi_pblock_get (pb, SLAPI_OPERATION, &op);
/* If the search belongs to the client authentication process, take the value at
@@ -1471,6 +1473,21 @@ compute_limits (Slapi_PBlock *pb)
}
}
+ if (op && (op->o_flags & OP_FLAG_PAGED_RESULTS)) {
+ if ( slapi_reslimit_get_integer_limit( pb->pb_conn,
+ pagedsizelimit_reslimit_handle, &max_sizelimit )
+ != SLAPI_RESLIMIT_STATUS_SUCCESS ) {
+ /*
+ * no limit associated with binder/connection or some other error
+ * occurred. use the default maximum.
+ */
+ if ( be->be_pagedsizelimit ) {
+ max_sizelimit = be->be_pagedsizelimit;
+ }
+ /* else was already set above */
+ }
+ }
+
if ( requested_sizelimit ) {
/* requested limit should be applied to all (including root) */
if ( isroot ) {
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 72ef58e..0ff2296 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -280,6 +280,7 @@ int config_set_anon_limits_dn( const char *attrname, char *value, char *errorbuf
int config_set_slapi_counters( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_srvtab( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_sizelimit( const char *attrname, char *value, char *errorbuf, int apply );
+int config_set_pagedsizelimit( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_lastmod( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_nagle( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_accesscontrol( const char *attrname, char *value, char *errorbuf, int apply );
@@ -412,6 +413,7 @@ char *config_get_anon_limits_dn();
int config_get_slapi_counters();
char *config_get_srvtab();
int config_get_sizelimit();
+int config_get_pagedsizelimit();
char *config_get_pw_storagescheme();
int config_get_pw_change();
int config_get_pw_history();
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 4dce915..98ba79c 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -1225,6 +1225,7 @@ typedef struct backend {
Slapi_RWLock *vlvSearchList_lock;
void *vlvSearchList;
Slapi_Counter *be_usn_counter; /* USN counter; one counter per backend */
+ int be_pagedsizelimit; /* size limit for this backend for simple paged result searches */
} backend;
enum
@@ -1792,6 +1793,7 @@ typedef struct _slapdEntryPoints {
#define CONFIG_DATABASE_ATTRIBUTE "nsslapd-database"
#define CONFIG_PLUGIN_ATTRIBUTE "nsslapd-plugin"
#define CONFIG_SIZELIMIT_ATTRIBUTE "nsslapd-sizelimit"
+#define CONFIG_PAGEDSIZELIMIT_ATTRIBUTE "nsslapd-pagedsizelimit"
#define CONFIG_TIMELIMIT_ATTRIBUTE "nsslapd-timelimit"
#define CONFIG_SUFFIX_ATTRIBUTE "nsslapd-suffix"
#define CONFIG_READONLY_ATTRIBUTE "nsslapd-readonly"
@@ -2182,6 +2184,7 @@ typedef struct _slapdFrontendConfig {
int entryusn_global; /* Entry USN: Use global counter */
char *allowed_to_delete_attrs;/* list of config attrs allowed to delete */
char *entryusn_import_init; /* Entry USN: determine the initital value of import */
+ int pagedsizelimit;
} slapdFrontendConfig_t;
/* possible values for slapdFrontendConfig_t.schemareplace */
diff --git a/ldap/servers/slapd/slapi-private.h b/ldap/servers/slapd/slapi-private.h
index 34183a8..6f1e2ca 100644
--- a/ldap/servers/slapd/slapi-private.h
+++ b/ldap/servers/slapd/slapi-private.h
@@ -655,6 +655,7 @@ typedef struct index_config
}IndexConfig;
void be_set_sizelimit(Slapi_Backend * be, int sizelimit);
+void be_set_pagedsizelimit(Slapi_Backend * be, int sizelimit);
void be_set_timelimit(Slapi_Backend * be, int timelimit);
int be_isdeleted( const Slapi_Backend *be );
12 years, 7 months