Rise max datagram record size to 8KB
By default, max datagram record size in NIS protocol is limited to
YPMAXRECORD which is 1024 bytes. However, in 2013 glibc allowed to
change this value up to 16MB in runtime and FreeBSD followed the trend
in 2019 (https://reviews.freebsd.org/D20900). These changes allow NIS
servers to send buffers of any sizes up to 16MB if clients allocate
their memory in heap.
There is still one place where YPMAXRECORD is used for a stack
allocation in glibc: xdr_ypall() function. Access to individual
keys/values can use up to 16MB of memory but through xdr_ypall() the
buffers to store individual record key/value pairs is limited to
YPMAXRECORD size on stack. It means if a server has sent a larger
key/value pair, a client stack could still be smashed.
For slapi-nis, there is no easy way of knowing in advance the size of
the record to be sent. Large groups can easily get beyond default 1024
bytes. There is a NIS plugin setting (nis-max-dgram-size) that can be
used to adjust configuration.
Let's use 8KB as a default for now. NIS support is going to be phased
out, Fedora and RHEL 9 already removed NIS client side code.
Resolves: rhbz#1784172
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>