diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2013-05-14 18:00:10 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-05-23 11:52:21 +0200 |
commit | c13eb9379fbe9958a4f810ba14171a3d5335d62e (patch) | |
tree | 812253b5bae16635799d883e0fbed27acb1545ec /src/providers/ldap/sdap.c | |
parent | 200d054efd449435e2bc9d8f7a00fee2183d9c75 (diff) | |
download | sssd-c13eb9379fbe9958a4f810ba14171a3d5335d62e.tar.gz sssd-c13eb9379fbe9958a4f810ba14171a3d5335d62e.tar.xz sssd-c13eb9379fbe9958a4f810ba14171a3d5335d62e.zip |
Adding option to disable retrieving large AD groups.
This commit adds new option ldap_disable_range_retrieval with default value
FALSE. If this option is enabled, large groups(>1500) will not be retrieved and
behaviour will be similar like was before commit ae8d047122c
"LDAP: Handle very large Active Directory groups"
https://fedorahosted.org/sssd/ticket/1823
Diffstat (limited to 'src/providers/ldap/sdap.c')
-rw-r--r-- | src/providers/ldap/sdap.c | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c index a12ffa67e..07a93ddfb 100644 --- a/src/providers/ldap/sdap.c +++ b/src/providers/ldap/sdap.c @@ -97,7 +97,8 @@ int sdap_get_map(TALLOC_CTX *memctx, int sdap_parse_entry(TALLOC_CTX *memctx, struct sdap_handle *sh, struct sdap_msg *sm, struct sdap_attr_map *map, int attrs_num, - struct sysdb_attrs **_attrs, char **_dn) + struct sysdb_attrs **_attrs, char **_dn, + bool disable_range_retrieval) { struct sysdb_attrs *attrs; BerElement *ber = NULL; @@ -192,23 +193,27 @@ int sdap_parse_entry(TALLOC_CTX *memctx, while (str) { base64 = false; - ret = sdap_parse_range(tmp_ctx, str, &base_attr, &range_offset); - if (ret == EAGAIN) { + ret = sdap_parse_range(tmp_ctx, str, &base_attr, &range_offset, + disable_range_retrieval); + switch(ret) { + case EAGAIN: /* This attribute contained range values and needs more to * be retrieved */ /* TODO: return the set of attributes that need additional retrieval * For now, we'll continue below and treat it as regular values. */ - - } else if (ret != EOK) { + /* FALLTHROUGH */ + case ECANCELED: + /* FALLTHROUGH */ + case EOK: + break; + default: DEBUG(SSSDBG_MINOR_FAILURE, - ("Could not determine if attribute [%s] was ranged\n", - str)); + ("Could not determine if attribute [%s] was ranged\n", str)); goto done; } - if (map) { for (a = 1; a < attrs_num; a++) { /* check if this attr is valid with the chosen schema */ @@ -232,6 +237,11 @@ int sdap_parse_entry(TALLOC_CTX *memctx, store = true; } + if (ret == ECANCELED) { + ret = EOK; + store = false; + } + if (store) { vals = ldap_get_values_len(sh->ldap, sm->msg, str); if (!vals) { |