diff options
author | Pavel Zuna <pzuna@redhat.com> | 2010-10-14 10:54:24 -0400 |
---|---|---|
committer | Adam Young <ayoung@redhat.com> | 2010-10-22 19:53:08 -0400 |
commit | 5dcf01136380d8e32188c3dcb6a5b77023fc4fe8 (patch) | |
tree | f557fb0f5492302a7f073ade8394855b946e9935 /ipaserver | |
parent | ae76022df5b300bd43af76e879f87b2c3731ec43 (diff) | |
download | freeipa-5dcf01136380d8e32188c3dcb6a5b77023fc4fe8.tar.gz freeipa-5dcf01136380d8e32188c3dcb6a5b77023fc4fe8.tar.xz freeipa-5dcf01136380d8e32188c3dcb6a5b77023fc4fe8.zip |
Add fail-safe defaults to time and size limits in ldap2 searches.
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/plugins/ldap2.py | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 096d3a3f8..12005c01f 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -515,9 +515,9 @@ class ldap2(CrudBackend, Encoder): if time_limit is None or size_limit is None: (cdn, config) = self.get_ipa_config() if time_limit is None: - time_limit = config.get('ipasearchtimelimit')[0] + time_limit = config.get('ipasearchtimelimit', [-1])[0] if size_limit is None: - size_limit = config.get('ipasearchrecordslimit')[0] + size_limit = config.get('ipasearchrecordslimit', [0])[0] if not isinstance(size_limit, int): size_limit = int(size_limit) if not isinstance(time_limit, float): @@ -568,16 +568,22 @@ class ldap2(CrudBackend, Encoder): """ return self.find_entries(None, attrs_list, dn, self.SCOPE_BASE, time_limit=time_limit, size_limit=size_limit, normalize=normalize)[0][0] + config_defaults = {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]} def get_ipa_config(self): """Returns the IPA configuration entry (dn, entry_attrs).""" cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn) try: - return self.find_entries(None, None, cdn, self.SCOPE_BASE, - time_limit=2, size_limit=10)[0][0] + (cdn, config_entry) = self.find_entries( + base_dn=cdn, scope=self.SCOPE_BASE, time_limit=2, size_limit=10 + )[0][0] except errors.NotFound: - return (cdn, {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]}) + config_entry = {} except Exception, e: raise e + for a in self.config_defaults: + if a not in config_entry: + config_entry[a] = self.config_defaults[a] + return (cdn, config_entry) def get_schema(self): """Returns a copy of the current LDAP schema.""" |