diff options
author | reyk <reyk@openbsd.org> | 2018-05-16 10:08:47 +0000 |
---|---|---|
committer | reyk <reyk@openbsd.org> | 2018-05-16 10:08:47 +0000 |
commit | 67be6f6e7c989033a4101fbb73b1fe0becedcaa6 (patch) | |
tree | f9a35e9da6306f22733c61b7df31a0c8392d0a4c /usr.sbin/ldapd | |
parent | be a bit more paranoid about termsizes, this works around broken (diff) | |
download | wireguard-openbsd-67be6f6e7c989033a4101fbb73b1fe0becedcaa6.tar.xz wireguard-openbsd-67be6f6e7c989033a4101fbb73b1fe0becedcaa6.zip |
Fix the client search request time and size limits.
ldapd failed when the specified limits were reached instead of
exceeded. This fixes search queries that define such a limit, for
example with "ldapsearch -z 1".
Thanks to Christophe Simon for the bug report, analysis, and fix!
OK jmatthew@
Diffstat (limited to 'usr.sbin/ldapd')
-rw-r--r-- | usr.sbin/ldapd/search.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/usr.sbin/ldapd/search.c b/usr.sbin/ldapd/search.c index 84f0fd2cbb0..2e965653337 100644 --- a/usr.sbin/ldapd/search.c +++ b/usr.sbin/ldapd/search.c @@ -1,4 +1,4 @@ -/* $OpenBSD: search.c,v 1.20 2018/05/15 11:19:21 reyk Exp $ */ +/* $OpenBSD: search.c,v 1.21 2018/05/16 10:08:47 reyk Exp $ */ /* * Copyright (c) 2009, 2010 Martin Hedenfalk <martin@bzero.se> @@ -437,8 +437,8 @@ conn_search(struct search *search) /* Check if we have passed the size limit. */ if (rc == BT_SUCCESS && search->szlim > 0 && - search->nmatched >= search->szlim) { - log_debug("search %d/%lld has reached size limit (%lld)", + search->nmatched > search->szlim) { + log_debug("search %d/%lld has exceeded size limit (%lld)", search->conn->fd, search->req->msgid, search->szlim); reason = LDAP_SIZELIMIT_EXCEEDED; @@ -449,8 +449,8 @@ conn_search(struct search *search) /* Check if we have passed the time limit. */ now = time(0); if (rc == 0 && search->tmlim > 0 && - search->started_at + search->tmlim <= now) { - log_debug("search %d/%lld has reached time limit (%lld)", + search->started_at + search->tmlim < now) { + log_debug("search %d/%lld has exceeded time limit (%lld)", search->conn->fd, search->req->msgid, search->tmlim); reason = LDAP_TIMELIMIT_EXCEEDED; |