summaryrefslogtreecommitdiffstats
path: root/ipaserver
diff options
context:
space:
mode:
authorPavel Zuna <pzuna@redhat.com>2010-10-14 10:54:24 -0400
committerAdam Young <ayoung@redhat.com>2010-10-22 19:53:08 -0400
commit5dcf01136380d8e32188c3dcb6a5b77023fc4fe8 (patch)
treef557fb0f5492302a7f073ade8394855b946e9935 /ipaserver
parentae76022df5b300bd43af76e879f87b2c3731ec43 (diff)
downloadfreeipa-5dcf01136380d8e32188c3dcb6a5b77023fc4fe8.tar.gz
freeipa-5dcf01136380d8e32188c3dcb6a5b77023fc4fe8.tar.xz
freeipa-5dcf01136380d8e32188c3dcb6a5b77023fc4fe8.zip
Add fail-safe defaults to time and size limits in ldap2 searches.
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/plugins/ldap2.py16
1 files changed, 11 insertions, 5 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 096d3a3f8..12005c01f 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -515,9 +515,9 @@ class ldap2(CrudBackend, Encoder):
if time_limit is None or size_limit is None:
(cdn, config) = self.get_ipa_config()
if time_limit is None:
- time_limit = config.get('ipasearchtimelimit')[0]
+ time_limit = config.get('ipasearchtimelimit', [-1])[0]
if size_limit is None:
- size_limit = config.get('ipasearchrecordslimit')[0]
+ size_limit = config.get('ipasearchrecordslimit', [0])[0]
if not isinstance(size_limit, int):
size_limit = int(size_limit)
if not isinstance(time_limit, float):
@@ -568,16 +568,22 @@ class ldap2(CrudBackend, Encoder):
"""
return self.find_entries(None, attrs_list, dn, self.SCOPE_BASE, time_limit=time_limit, size_limit=size_limit, normalize=normalize)[0][0]
+ config_defaults = {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]}
def get_ipa_config(self):
"""Returns the IPA configuration entry (dn, entry_attrs)."""
cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn)
try:
- return self.find_entries(None, None, cdn, self.SCOPE_BASE,
- time_limit=2, size_limit=10)[0][0]
+ (cdn, config_entry) = self.find_entries(
+ base_dn=cdn, scope=self.SCOPE_BASE, time_limit=2, size_limit=10
+ )[0][0]
except errors.NotFound:
- return (cdn, {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]})
+ config_entry = {}
except Exception, e:
raise e
+ for a in self.config_defaults:
+ if a not in config_entry:
+ config_entry[a] = self.config_defaults[a]
+ return (cdn, config_entry)
def get_schema(self):
"""Returns a copy of the current LDAP schema."""