diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2013-05-14 18:00:10 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-05-23 11:45:38 +0200 |
commit | 6263578b03a52b3ec3a2e33e097554241780fc20 (patch) | |
tree | 44144d1017026806d48354780e5ef71ebfc6b04e /src/providers/ldap/sdap_async.c | |
parent | b0ab39364df453d4ec65d7d6e05a6530895ce3a6 (diff) | |
download | sssd-6263578b03a52b3ec3a2e33e097554241780fc20.tar.gz sssd-6263578b03a52b3ec3a2e33e097554241780fc20.tar.xz sssd-6263578b03a52b3ec3a2e33e097554241780fc20.zip |
Adding option to disable retrieving large AD groups.
This commit adds new option ldap_disable_range_retrieval with default value
FALSE. If this option is enabled, large groups(>1500) will not be retrieved and
behaviour will be similar like was before commit ae8d047122c
"LDAP: Handle very large Active Directory groups"
https://fedorahosted.org/sssd/ticket/1823
Diffstat (limited to 'src/providers/ldap/sdap_async.c')
-rw-r--r-- | src/providers/ldap/sdap_async.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index 5eac1d436..b2bf0360e 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -1469,6 +1469,7 @@ struct sdap_get_generic_state { int map_num_attrs; struct sdap_reply sreply; + struct sdap_options *opts; }; static void sdap_get_generic_done(struct tevent_req *subreq); @@ -1498,6 +1499,7 @@ struct tevent_req *sdap_get_generic_send(TALLOC_CTX *memctx, state->map = map; state->map_num_attrs = map_num_attrs; + state->opts = opts; subreq = sdap_get_generic_ext_send(state, ev, opts, sh, search_base, scope, filter, attrs, false, NULL, @@ -1521,9 +1523,12 @@ static errno_t sdap_get_generic_parse_entry(struct sdap_handle *sh, struct sdap_get_generic_state *state = talloc_get_type(pvt, struct sdap_get_generic_state); + bool disable_range_rtrvl = dp_opt_get_bool(state->opts->basic, + SDAP_DISABLE_RANGE_RETRIEVAL); + ret = sdap_parse_entry(state, sh, msg, state->map, state->map_num_attrs, - &attrs, NULL); + &attrs, NULL, disable_range_rtrvl); if (ret != EOK) { DEBUG(3, ("sdap_parse_entry failed [%d]: %s\n", ret, strerror(ret))); return ret; @@ -1811,6 +1816,7 @@ struct sdap_asq_search_state { struct sdap_attr_map_info *maps; int num_maps; LDAPControl **ctrls; + struct sdap_options *opts; struct sdap_deref_reply dreply; }; @@ -1842,6 +1848,7 @@ sdap_asq_search_send(TALLOC_CTX *memctx, struct tevent_context *ev, state->maps = maps; state->num_maps = num_maps; state->ctrls = talloc_zero_array(state, LDAPControl *, 2); + state->opts = opts; if (state->ctrls == NULL) { talloc_zfree(req); return NULL; @@ -1925,6 +1932,7 @@ static errno_t sdap_asq_search_parse_entry(struct sdap_handle *sh, char *tmp; char *dn; TALLOC_CTX *tmp_ctx; + bool disable_range_rtrvl; tmp_ctx = talloc_new(NULL); if (!tmp_ctx) return ENOMEM; @@ -1984,9 +1992,12 @@ static errno_t sdap_asq_search_parse_entry(struct sdap_handle *sh, continue; } + disable_range_rtrvl = dp_opt_get_bool(state->opts->basic, + SDAP_DISABLE_RANGE_RETRIEVAL); + ret = sdap_parse_entry(res[mi], sh, msg, map, num_attrs, - &res[mi]->attrs, NULL); + &res[mi]->attrs, NULL, disable_range_rtrvl); if (ret != EOK) { DEBUG(3, ("sdap_parse_entry failed [%d]: %s\n", ret, strerror(ret))); goto done; |