diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-18 10:17:44 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-05-18 13:08:37 -0400 |
commit | db534f6eb40f083860756afe3b2d0589f271dec0 (patch) | |
tree | d7b1b63933164bf83d1d3b0b414fa26239296d9b /src/providers/ldap | |
parent | 6663abdda9ce55aace1b19c4170b1153d39136e0 (diff) | |
download | sssd-db534f6eb40f083860756afe3b2d0589f271dec0.tar.gz sssd-db534f6eb40f083860756afe3b2d0589f271dec0.tar.xz sssd-db534f6eb40f083860756afe3b2d0589f271dec0.zip |
Set ldap_search_timeout default to 5 seconds
The manpages had five seconds listed, but the source disagreed (it
was set to 60 seconds).
This resulted in long wait times when unlocking the screen after
network disconnection, for example.
If enumerate=True, we will set this value to a minimum of 30s
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/ldap_common.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/ldap_init.c | 10 |
2 files changed, 11 insertions, 1 deletions
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 8fcea9677..0257ef638 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -36,7 +36,7 @@ struct dp_option default_basic_opts[] = { { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_default_authtok_type", DP_OPT_STRING, NULL_STRING, NULL_STRING}, { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB }, - { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER }, + { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER }, { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING }, diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c index 5c6f4b790..af98d8e52 100644 --- a/src/providers/ldap/ldap_init.c +++ b/src/providers/ldap/ldap_init.c @@ -82,6 +82,16 @@ int sssm_ldap_id_init(struct be_ctx *bectx, goto done; } + /* FIXME: This is a workaround for 1.2.0. In the future, we need to have + * separate timeouts for enumeration operations + * If enumeration is enabled and the search timeout is less + * than 30s, force it to a minimum of 30s. + */ + if(bectx->domain->enumerate && + dp_opt_get_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT) < 30) { + dp_opt_set_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT, 30); + } + dns_service_name = dp_opt_get_string(ctx->opts->basic, SDAP_DNS_SERVICE_NAME); DEBUG(7, ("Service name for discovery set to %s\n", dns_service_name)); |