Bug 513019
Summary: | nsslapd-lookthroughlimit is not respected when the filter test failed in search | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] 389 | Reporter: | Noriko Hosoi <nhosoi> | ||||
Component: | Database - Indexes/Searches | Assignee: | Noriko Hosoi <nhosoi> | ||||
Status: | CLOSED NOTABUG | QA Contact: | Chandrasekar Kannan <ckannan> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 1.2.0 | CC: | benl, jgalipea, nkinder, rmeggins, sramling | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2009-07-23 23:45:24 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 434914 | ||||||
Attachments: |
|
Description
Noriko Hosoi
2009-07-21 16:54:30 UTC
Created attachment 354532 [details]
git patch file for ldbm_search.c
File: ldap/servers/slapd/back-ldbm/ldbm_search.c
Fix Description: When filter test is necessary against the search results
and the test fails, lookthroughcount attached to the search result structure
should have been decremented since the entry will not be sent to the client,
but it was not. This change fixes it.
Reviewed by Rich (Thank you!) Pushed to master. $ git merge simple_results Updating 77c8f3e..1e3138f Fast forward ldap/servers/slapd/back-ldbm/ldbm_search.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) $ git push Counting objects: 13, done. Compressing objects: 100% (7/7), done. Writing objects: 100% (7/7), 862 bytes, done. Total 7 (delta 5), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 77c8f3e..1e3138f master -> master Revert "513019 nsslapd-lookthroughlimit is not respected" This reverts commit 1e3138f1d41562d6f42a8fdf0934af23219bb8e1. Misunderstood nsslapd-lookthroughlimit. Regardless of the filter test result, once hit the lookthroughlimit, search should be aborted there. That's what the original code does and that is correct. # Please enter the commit message for your changes. Lines starting # with '#' will be ignored, and an empty message aborts the commit. # On branch paged # Changes to be committed: # (use "git reset HEAD <file>..." to unstage) # # modified: ldap/servers/slapd/back-ldbm/ldbm_search.c $ git merge paged Updating c3f6ff6..85aefb4 Fast forward ldap/servers/slapd/back-ldbm/ldbm_search.c | 3 --- 1 files changed, 0 insertions(+), 3 deletions(-) $ git push Counting objects: 13, done. Compressing objects: 100% (7/7), done. Writing objects: 100% (7/7), 771 bytes, done. Total 7 (delta 5), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git c3f6ff6..85aefb4 master -> master It turned out it was the test script's problem. Assuming you are using something similar for your testing, my script was checking the search result code first and if an error was found (e.g., ADMINLIMIT_EXCEEDED, it quitted there. If some entries were returned, they were discarded. If the order is switched as follows, the script prints out the search results, then output the error and exit. my @entries = $result->entries; my $entr; foreach $entr ( @entries ) { print "dn: ", $entr->dn, "\n"; my $attr; foreach $attr ( sort $entr->attributes ) { # skip binary we can't handle next if ( $attr =~ /;binary$/ ); print " $attr : ", $entr->get_value ( $attr ) ,"\n"; } print "\n"; } if ($result->code) { print "search failed: ", ldap_error_name($result), ": ", ldap_error_text($result); print Net::LDAP::Message::server_error($result), "\n"; exit 1; } I set 10 to lookthroughlimit. 1st page contains 7 entries, then 3 in the next + ADMINLIMIT_EXCEEDED error: perl ldapsearch.pl -b "ou=Payroll,dc=example,dc=com" -pg 7 "(objectclass=*)" "dn" dn: ou=Payroll, dc=example,dc=com dn: uid=VLeBaron1, ou=Payroll, dc=example,dc=com dn: uid=JOshinski2, ou=Payroll, dc=example,dc=com dn: uid=LLe4, ou=Payroll, dc=example,dc=com dn: uid=LFeddeman12, ou=Payroll, dc=example,dc=com dn: uid=CTalis15, ou=Payroll, dc=example,dc=com dn: uid=BHerbel22, ou=Payroll, dc=example,dc=com next page size (7): dn: uid=PReist29, ou=Payroll, dc=example,dc=com dn: uid=NPastorek33, ou=Payroll, dc=example,dc=com dn: uid=BLawrence37, ou=Payroll, dc=example,dc=com search failed: LDAP_ADMIN_LIMIT_EXCEEDED: The server has exceed the maximum number of entries to search while gathering a list of search result candidates Sorry about the confusion. |