From 5dcf01136380d8e32188c3dcb6a5b77023fc4fe8 Mon Sep 17 00:00:00 2001 From: Pavel Zuna Date: Thu, 14 Oct 2010 10:54:24 -0400 Subject: Add fail-safe defaults to time and size limits in ldap2 searches. --- ipaserver/plugins/ldap2.py | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'ipaserver/plugins/ldap2.py') diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index 096d3a3f8..12005c01f 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -515,9 +515,9 @@ class ldap2(CrudBackend, Encoder): if time_limit is None or size_limit is None: (cdn, config) = self.get_ipa_config() if time_limit is None: - time_limit = config.get('ipasearchtimelimit')[0] + time_limit = config.get('ipasearchtimelimit', [-1])[0] if size_limit is None: - size_limit = config.get('ipasearchrecordslimit')[0] + size_limit = config.get('ipasearchrecordslimit', [0])[0] if not isinstance(size_limit, int): size_limit = int(size_limit) if not isinstance(time_limit, float): @@ -568,16 +568,22 @@ class ldap2(CrudBackend, Encoder): """ return self.find_entries(None, attrs_list, dn, self.SCOPE_BASE, time_limit=time_limit, size_limit=size_limit, normalize=normalize)[0][0] + config_defaults = {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]} def get_ipa_config(self): """Returns the IPA configuration entry (dn, entry_attrs).""" cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn) try: - return self.find_entries(None, None, cdn, self.SCOPE_BASE, - time_limit=2, size_limit=10)[0][0] + (cdn, config_entry) = self.find_entries( + base_dn=cdn, scope=self.SCOPE_BASE, time_limit=2, size_limit=10 + )[0][0] except errors.NotFound: - return (cdn, {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]}) + config_entry = {} except Exception, e: raise e + for a in self.config_defaults: + if a not in config_entry: + config_entry[a] = self.config_defaults[a] + return (cdn, config_entry) def get_schema(self): """Returns a copy of the current LDAP schema.""" -- cgit