From bc06053f52e5cba568449af595f5547c219ad803 Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Mon, 4 Jun 2001 19:09:47 +0000
Subject: [PATCH] Add sb_max incoming

---
 servers/slapd/bind.c       | 14 ++++++++++++++
 servers/slapd/config.c     | 38 +++++++++++++++++++++++++-------------
 servers/slapd/connection.c |  5 +++++
 servers/slapd/proto-slap.h |  3 +++
 4 files changed, 47 insertions(+), 13 deletions(-)

diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index b7c4315ed1..d757028f59 100644
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -241,12 +241,20 @@ do_bind(
 
 		if( rc == LDAP_SUCCESS ) {
 			ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+
 			conn->c_dn = edn;
 			conn->c_authmech = mech;
 			conn->c_sasl_ssf = ssf;
 			if( ssf > conn->c_ssf ) {
 				conn->c_ssf = ssf;
 			}
+
+			if( conn->c_dn != NULL ) {
+				ber_len_t max = sockbuf_max_incoming;
+				ber_sockbuf_ctrl( conn->c_sb,
+					LBER_SB_OPT_SET_MAX_INCOMING, &max );
+			}
+
 			ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
 
 		} else if ( rc == LDAP_SASL_BIND_IN_PROGRESS ) {
@@ -407,6 +415,12 @@ do_bind(
 				ndn = NULL;
 			}
 
+			if( conn->c_dn != NULL ) {
+				ber_len_t max = sockbuf_max_incoming;
+				ber_sockbuf_ctrl( conn->c_sb,
+					LBER_SB_OPT_SET_MAX_INCOMING, &max );
+			}
+
 			Debug( LDAP_DEBUG_TRACE, "do_bind: v%d bind: \"%s\" to \"%s\"\n",
 	    		version, conn->c_cdn, conn->c_dn );
 
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 76dd0dbaf1..1017736560 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -41,6 +41,7 @@ char		*default_search_base = NULL;
 char		*default_search_nbase = NULL;
 
 ber_len_t sockbuf_max_incoming = SLAP_SB_MAX_INCOMING_DEFAULT;
+ber_len_t sockbuf_max_incoming_auth= SLAP_SB_MAX_INCOMING_AUTH;
 
 char   *slapd_pid_file  = NULL;
 char   *slapd_args_file = NULL;
@@ -172,15 +173,9 @@ read_config( const char *fname )
 		} else if ( strcasecmp( cargv[0], "sockbuf_max_incoming" ) == 0 ) {
 			long max;
 			if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
-				LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
-					   "%s: line %d: missing max in \"sockbuf_max_incoming <bytes\" line\n",
-					   fname, lineno ));
-#else
 				Debug( LDAP_DEBUG_ANY,
 					   "%s: line %d: missing max in \"sockbuf_max_incoming <bytes\" line\n",
 				    fname, lineno, 0 );
-#endif
 
 				return( 1 );
 			}
@@ -188,23 +183,40 @@ read_config( const char *fname )
 			max = atol( cargv[1] );
 
 			if( max < 0 ) {
-#ifdef NEW_LOGGING
-				LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
-					   "%s: line %d: invalid max value (%ld) in "
-					   "\"sockbuf_max_incoming <bytes>\" line.\n",
-					   fname, lineno, max ));
-#else
 				Debug( LDAP_DEBUG_ANY,
 					"%s: line %d: invalid max value (%ld) in "
 					"\"sockbuf_max_incoming <bytes>\" line.\n",
 				    fname, lineno, max );
-#endif
 
 				return( 1 );
 			}
 
 			sockbuf_max_incoming = max;
 
+		/* set sockbuf max authenticated */
+		} else if ( strcasecmp( cargv[0], "sockbuf_max_incoming_auth" ) == 0 ) {
+			long max;
+			if ( cargc < 2 ) {
+				Debug( LDAP_DEBUG_ANY,
+					   "%s: line %d: missing max in \"sockbuf_max_incoming_auth <bytes>\" line\n",
+				    fname, lineno, 0 );
+
+				return( 1 );
+			}
+
+			max = atol( cargv[1] );
+
+			if( max < 0 ) {
+				Debug( LDAP_DEBUG_ANY,
+					"%s: line %d: invalid max value (%ld) in "
+					"\"sockbuf_max_incoming_auth <bytes>\" line.\n",
+				    fname, lineno, max );
+
+				return( 1 );
+			}
+
+			sockbuf_max_incoming_auth = max;
+
 		/* default search base */
 		} else if ( strcasecmp( cargv[0], "defaultSearchBase" ) == 0 ) {
 			if ( cargc < 2 ) {
diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index b282cf6970..0d95090815 100644
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -488,6 +488,11 @@ void connection2anonymous( Connection *c )
     assert( connections != NULL );
     assert( c != NULL );
 
+	{
+		ber_len_t max = sockbuf_max_incoming;
+		ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
+	}
+
 	if(c->c_authmech != NULL ) {
 		free(c->c_authmech);
 		c->c_authmech = NULL;
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index dd1c6beaed..3688cab747 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -768,7 +768,10 @@ LDAP_SLAPD_F (int)	krbv4_ldap_auth();
  * Other...
  */
 #define SLAP_SB_MAX_INCOMING_DEFAULT (1<<18 - 1)
+#define SLAP_SB_MAX_INCOMING_AUTH (1<<24 - 1)
+
 LDAP_SLAPD_F (ber_len_t) sockbuf_max_incoming;
+LDAP_SLAPD_F (ber_len_t) sockbuf_max_incoming_auth;
 
 LDAP_SLAPD_F (slap_mask_t)	global_restrictops;
 LDAP_SLAPD_F (slap_mask_t)	global_allows;
-- 
GitLab