From 67be6f6e7c989033a4101fbb73b1fe0becedcaa6 Mon Sep 17 00:00:00 2001 From: reyk Date: Wed, 16 May 2018 10:08:47 +0000 Subject: Fix the client search request time and size limits. ldapd failed when the specified limits were reached instead of exceeded. This fixes search queries that define such a limit, for example with "ldapsearch -z 1". Thanks to Christophe Simon for the bug report, analysis, and fix! OK jmatthew@ --- usr.sbin/ldapd/search.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'usr.sbin/ldapd') diff --git a/usr.sbin/ldapd/search.c b/usr.sbin/ldapd/search.c index 84f0fd2cbb0..2e965653337 100644 --- a/usr.sbin/ldapd/search.c +++ b/usr.sbin/ldapd/search.c @@ -1,4 +1,4 @@ -/* $OpenBSD: search.c,v 1.20 2018/05/15 11:19:21 reyk Exp $ */ +/* $OpenBSD: search.c,v 1.21 2018/05/16 10:08:47 reyk Exp $ */ /* * Copyright (c) 2009, 2010 Martin Hedenfalk @@ -437,8 +437,8 @@ conn_search(struct search *search) /* Check if we have passed the size limit. */ if (rc == BT_SUCCESS && search->szlim > 0 && - search->nmatched >= search->szlim) { - log_debug("search %d/%lld has reached size limit (%lld)", + search->nmatched > search->szlim) { + log_debug("search %d/%lld has exceeded size limit (%lld)", search->conn->fd, search->req->msgid, search->szlim); reason = LDAP_SIZELIMIT_EXCEEDED; @@ -449,8 +449,8 @@ conn_search(struct search *search) /* Check if we have passed the time limit. */ now = time(0); if (rc == 0 && search->tmlim > 0 && - search->started_at + search->tmlim <= now) { - log_debug("search %d/%lld has reached time limit (%lld)", + search->started_at + search->tmlim < now) { + log_debug("search %d/%lld has exceeded time limit (%lld)", search->conn->fd, search->req->msgid, search->tmlim); reason = LDAP_TIMELIMIT_EXCEEDED; -- cgit v1.2.3-59-g8ed1b