python-ldap fails gloriously if the search time limit is 0. Don't allow it.

Don't allow the time limit to be set in the API. Also add a failsafe in the ldap driver because such bad things happen if this value is 0. I think it literally spends 0 time on the request and just returns immediately. ticket 752
author: Rob Crittenden <rcritten@redhat.com> 2011-01-13 13:08:52 -0500
committer: Rob Crittenden <rcritten@redhat.com> 2011-01-14 09:48:07 -0500
commit: 67852835684ca44e14cf650a9793d123f111a04d (patch)
tree: e348a0ff3aec38049bb587749376bae2cf8103a5 /ipaserver
parent: 680148ed036bcef5ecfc0ca1938b9768d8a233ca (diff)
download: freeipa-67852835684ca44e14cf650a9793d123f111a04d.tar.gz
freeipa-67852835684ca44e14cf650a9793d123f111a04d.tar.xz
freeipa-67852835684ca44e14cf650a9793d123f111a04d.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index a728199eb..b49a7832f 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -535,6 +535,8 @@ class ldap2(CrudBackend, Encoder):
                 time_limit = config.get('ipasearchtimelimit', [-1])[0]
             if size_limit is None:
                 size_limit = config.get('ipasearchrecordslimit', [0])[0]
+        if time_limit == 0:
+            time_limit = -1
         if not isinstance(size_limit, int):
             size_limit = int(size_limit)
         if not isinstance(time_limit, float):
author	Rob Crittenden <rcritten@redhat.com>	2011-01-13 13:08:52 -0500
committer	Rob Crittenden <rcritten@redhat.com>	2011-01-14 09:48:07 -0500
commit	67852835684ca44e14cf650a9793d123f111a04d (patch)
tree	e348a0ff3aec38049bb587749376bae2cf8103a5 /ipaserver
parent	680148ed036bcef5ecfc0ca1938b9768d8a233ca (diff)
download	freeipa-67852835684ca44e14cf650a9793d123f111a04d.tar.gz freeipa-67852835684ca44e14cf650a9793d123f111a04d.tar.xz freeipa-67852835684ca44e14cf650a9793d123f111a04d.zip