From 577f0b9f3eb7e9f432f5605ab5095dbe8267ce5f Mon Sep 17 00:00:00 2001 From: Stephane Bortzmeyer Date: Thu, 24 Jan 2008 20:58:58 +0000 Subject: [PATCH] Remarks Joerg Roth about the risk of getting out of memory if too many results --- SRC/plugins/ldap/ldap.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/SRC/plugins/ldap/ldap.c b/SRC/plugins/ldap/ldap.c index ed6fb76..adbec53 100644 --- a/SRC/plugins/ldap/ldap.c +++ b/SRC/plugins/ldap/ldap.c @@ -74,9 +74,14 @@ init(const int argc, const char **argv, if (base == NULL) base = ""; if (request == NULL || !strcmp(request, "")) - request = "(objectclass=*)"; + request = "(objectclass=*)"; /* Default mentioned in OpenLDAP + * documentation. Joerg Roth fears + * that it may trigger "Size limit + * exceeded" if there are many + * objects at this node. RFC 4515 + * seems silent here. */ if (scope_string != NULL) { - scope_string = (char *)to_upper(scope_string); + scope_string = (char *) to_upper(scope_string); if (!strcmp(scope_string, "BASE")) scope = LDAP_SCOPE_BASE; else if (!strcmp(scope_string, "SUB")) @@ -118,6 +123,8 @@ start() * * So, we perform a dummy search immediately. */ + /* TODO: Since it is just to see if the server replies, we could use a + * request like (objectclass=dummystuff) to be sure to not return anything */ result = ldap_search_s(session, base, LDAP_SCOPE_ONELEVEL, "(objectclass=*)", NULL, /* Return * all * attributes