Summary: Adjustment for new LDAP C SDK
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204566
Summary: Adjustment for new LDAP C SDK
Product: Fedora Directory Server
Version: 1.0.2
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: Directory Server
AssignedTo: nhosoi(a)redhat.com
ReportedBy: nhosoi(a)redhat.com
QAContact: ohegarty(a)redhat.com
CC: ohegarty(a)redhat.com
Estimated Hours: 0.0
Description of problem:
LDAP C SDK function -- ber_get_next_buffer_ext's API has been changed since the
Sun code merge. (See also
https://bugzilla.mozilla.org/show_bug.cgi?id=347933)
We need to update the connection code to adjust.
ber_get_next_buffer_ext in mozilla/directory/c-sdk/ldap/libraries/liblber/io.c
Original:
/*
* Returns the tag of the message or LBER_DEFAULT if an error occurs. There
* are two cases where LBER_DEFAULT is returned:
*
* 1) There was not enough data in the buffer to complete the message; this
* is a "soft" error. In this case, *Bytes_Scanned is set to a positive
* number.
*
* 2) A "fatal" error occurs. In this case, *Bytes_Scanned is set to zero.
* To check for specific errors, the system error number (errno) must
* be consulted. These errno values are explicitly set by this
* function; other errno values may be set by underlying OS functions:
*
* EINVAL - LBER_SOCKBUF_OPT_VALID_TAG option set but tag does not match.
* EMSGSIZE - length was not represented as <= sizeof(long) bytes or the
* LBER_SOCKBUF_OPT_MAX_INCOMING_SIZE option was set and the
* message is longer than the maximum. *len will be set in
* the latter situation.
*/
New:
/*
* Returns the tag of the message or LBER_ return code if an error occurs.
*
* If there was not enough data in the buffer to complete the message this
* is a "soft" error. In this case, *Bytes_Scanned is set to a positive
* number and return code is set to LBER_DEFAULT.
*
* On overflow condition when the length is either bigger than ber_uint_t
* type or the value preset via LBER_SOCKBUF_OPT_MAX_INCOMING_SIZE option,
* *Bytes_Scanned is set to zero and return code is set to LBER_OVERFLOW.
*
* For backward compatibility errno is also set on these error conditions:
*
* EINVAL - LBER_SOCKBUF_OPT_VALID_TAG option set but tag doesnt match.
* EMSGSIZE - an overflow condition as described above for LBER_OVERFLOW.
*/
------- Additional Comments From nhosoi(a)redhat.com 2006-08-29 21:26 EST -------
Created an attachment (id=135178)
--> (
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=135178&action=...)
cvs diff ldapserver/ldap/servers/slapd/connection.c
File:
ldapserver/ldap/servers/slapd/connection.c
Changes:
1) When ber_get_next_buffer_ext fails, not just LBER_DEFAULT but
LBER_OVERFLOW can be set to the ber tag. Thus, LBER_OVERFLOW is also
checked in the error check now.
2) The too large length error used be checked as "errno == EMSGSIZE",
which is replaced with "tag == LBER_OVERFLOW"
3) When the too large length error occurs, the following error was logged
in the errors log, which was not appropriate since increasing
nsslapd-maxbersize did not solve the problem.
connection - conn=7 fd=65 Incoming BER Element was too long, max
allowable is 2097152 bytes. Change the nsslapd-maxbersize attribute
in cn=config to increase.
Removed the error logging.
4) When the error occurs, B2 (== SLAPD_DISCONNECT_BER_TOO_BIG) is added
at the end of the closed error in the access log. Error code EMSGSIZE
and its description has been added:
conn=7 op=-1 fd=65 closed error 90 (Message too long) - B2