From 495dfa69a2b8eae03d856d9b002b4c3114fbb01b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Kuzn=C3=ADk?= <ondra@mistotebe.net>
Date: Tue, 13 Jun 2017 19:32:35 +0100
Subject: [PATCH] Split client/upstream PDU size limits

---
 doc/man/man5/lloadd.conf.5  |  9 +++++----
 servers/lloadd/client.c     |  5 +++++
 servers/lloadd/config.c     | 12 ++++++------
 servers/lloadd/connection.c |  5 -----
 servers/lloadd/proto-slap.h |  4 ++--
 servers/lloadd/slap.h       |  4 ++--
 servers/lloadd/upstream.c   |  5 +++++
 7 files changed, 25 insertions(+), 19 deletions(-)

diff --git a/doc/man/man5/lloadd.conf.5 b/doc/man/man5/lloadd.conf.5
index 7a6f96ccc4..4392d53f40 100644
--- a/doc/man/man5/lloadd.conf.5
+++ b/doc/man/man5/lloadd.conf.5
@@ -251,12 +251,13 @@ The (absolute) name of a file that will hold the
 server's process ID (see
 .BR getpid (2)).
 .TP
-.B sockbuf_max_incoming <integer>
-Specify the maximum incoming LDAP PDU size for anonymous sessions.
+.B sockbuf_max_incoming_client <integer>
+Specify the maximum LDAP PDU size accepted coming from clients.
 The default is 262143.
 .TP
-.B sockbuf_max_incoming_auth <integer>
-Specify the maximum incoming LDAP PDU size for authenticated sessions.
+.B sockbuf_max_incoming_upstream <integer>
+Specify the maximum LDAP PDU size accepted coming from upstream
+connections.
 The default is 4194303.
 .TP
 .B tcp-buffer [listener=<URL>] [{read|write}=]<size>
diff --git a/servers/lloadd/client.c b/servers/lloadd/client.c
index 6e290d8f91..8063eb987a 100644
--- a/servers/lloadd/client.c
+++ b/servers/lloadd/client.c
@@ -268,6 +268,11 @@ client_init(
 
     c = connection_init( s, peername, flags );
 
+    {
+        ber_len_t max = sockbuf_max_incoming_client;
+        ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
+    }
+
     c->c_state = SLAP_C_READY;
 
     event = event_new( base, s, EV_READ|EV_PERSIST, client_read_cb, c );
diff --git a/servers/lloadd/config.c b/servers/lloadd/config.c
index 96571c6322..5e9af80730 100644
--- a/servers/lloadd/config.c
+++ b/servers/lloadd/config.c
@@ -71,8 +71,8 @@ static char *logfileName;
 
 lload_features_t lload_features;
 
-ber_len_t sockbuf_max_incoming = SLAP_SB_MAX_INCOMING_DEFAULT;
-ber_len_t sockbuf_max_incoming_auth = SLAP_SB_MAX_INCOMING_AUTH;
+ber_len_t sockbuf_max_incoming_client = SLAP_SB_MAX_INCOMING_CLIENT;
+ber_len_t sockbuf_max_incoming_upstream = SLAP_SB_MAX_INCOMING_UPSTREAM;
 
 int slap_conn_max_pdus_per_cycle = SLAP_CONN_MAX_PDUS_PER_CYCLE_DEFAULT;
 
@@ -203,13 +203,13 @@ static ConfigTable config_back_cf_table[] = {
         ARG_MAGIC,
         &config_restrict,
     },
-    { "sockbuf_max_incoming", "max", 2, 2, 0,
+    { "sockbuf_max_incoming_client", "max", 2, 2, 0,
         ARG_BER_LEN_T,
-        &sockbuf_max_incoming,
+        &sockbuf_max_incoming_client,
     },
-    { "sockbuf_max_incoming_auth", "max", 2, 2, 0,
+    { "sockbuf_max_incoming_upstream", "max", 2, 2, 0,
         ARG_BER_LEN_T,
-        &sockbuf_max_incoming_auth,
+        &sockbuf_max_incoming_upstream,
     },
     { "tcp-buffer", "[listener=<listener>] [{read|write}=]size", 0, 0, 0,
 #ifdef LDAP_TCP_BUFFER
diff --git a/servers/lloadd/connection.c b/servers/lloadd/connection.c
index 9174412d6b..d8d46a5a89 100644
--- a/servers/lloadd/connection.c
+++ b/servers/lloadd/connection.c
@@ -107,11 +107,6 @@ connection_init( ber_socket_t s, const char *peername, int flags )
     c->c_sb = ber_sockbuf_alloc();
     ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_FD, &s );
 
-    {
-        ber_len_t max = sockbuf_max_incoming;
-        ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
-    }
-
 #ifdef LDAP_PF_LOCAL
     if ( flags & CONN_IS_IPC ) {
 #ifdef LDAP_DEBUG
diff --git a/servers/lloadd/proto-slap.h b/servers/lloadd/proto-slap.h
index 69796dc607..bcad45dcc5 100644
--- a/servers/lloadd/proto-slap.h
+++ b/servers/lloadd/proto-slap.h
@@ -227,8 +227,8 @@ LDAP_SLAPD_F (int) slap_zn_wlock( void *, void * );
 LDAP_SLAPD_F (int) slap_zn_wunlock( void *, void * );
 #endif
 
-LDAP_SLAPD_V (ber_len_t) sockbuf_max_incoming;
-LDAP_SLAPD_V (ber_len_t) sockbuf_max_incoming_auth;
+LDAP_SLAPD_V (ber_len_t) sockbuf_max_incoming_client;
+LDAP_SLAPD_V (ber_len_t) sockbuf_max_incoming_upstream;
 LDAP_SLAPD_V (int) slap_conn_max_pdus_per_cycle;
 
 LDAP_SLAPD_V (lload_features_t) lload_features;
diff --git a/servers/lloadd/slap.h b/servers/lloadd/slap.h
index 8bd08b3d58..a3193eb3aa 100644
--- a/servers/lloadd/slap.h
+++ b/servers/lloadd/slap.h
@@ -84,8 +84,8 @@ LDAP_BEGIN_DECL
 
 #define SLAP_MAX_WORKER_THREADS ( 16 )
 
-#define SLAP_SB_MAX_INCOMING_DEFAULT ( ( 1 << 18 ) - 1 )
-#define SLAP_SB_MAX_INCOMING_AUTH ( ( 1 << 24 ) - 1 )
+#define SLAP_SB_MAX_INCOMING_CLIENT ( ( 1 << 18 ) - 1 )
+#define SLAP_SB_MAX_INCOMING_UPSTREAM ( ( 1 << 24 ) - 1 )
 
 #define SLAP_CONN_MAX_PDUS_PER_CYCLE_DEFAULT 10
 
diff --git a/servers/lloadd/upstream.c b/servers/lloadd/upstream.c
index 4b57f30f17..9cc551da32 100644
--- a/servers/lloadd/upstream.c
+++ b/servers/lloadd/upstream.c
@@ -818,6 +818,11 @@ upstream_init( ber_socket_t s, Backend *b )
     c = connection_init( s, b->b_host, flags );
     c->c_private = b;
 
+    {
+        ber_len_t max = sockbuf_max_incoming_upstream;
+        ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
+    }
+
     event = event_new( base, s, EV_WRITE, upstream_write_cb, c );
     if ( !event ) {
         Debug( LDAP_DEBUG_ANY, "upstream_init: "