diff options
Diffstat (limited to 'src/providers/ldap')
| -rw-r--r-- | src/providers/ldap/ldap_opts.h | 1 | ||||
| -rw-r--r-- | src/providers/ldap/sdap.h | 1 | ||||
| -rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 8 | ||||
| -rw-r--r-- | src/providers/ldap/sdap_async_users.c | 8 |
4 files changed, 16 insertions, 2 deletions
diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index c1b9bf688..9f58db5bd 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -122,6 +122,7 @@ struct dp_option default_basic_opts[] = { { "ldap_min_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER}, { "ldap_max_id", DP_OPT_NUMBER, NULL_NUMBER, NULL_NUMBER}, { "ldap_pwdlockout_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING }, + { "wildcard_limit", DP_OPT_NUMBER, { .number = 1000 }, NULL_NUMBER}, DP_OPTION_TERMINATOR }; diff --git a/src/providers/ldap/sdap.h b/src/providers/ldap/sdap.h index d9b2d1863..444502bf7 100644 --- a/src/providers/ldap/sdap.h +++ b/src/providers/ldap/sdap.h @@ -231,6 +231,7 @@ enum sdap_basic_opt { SDAP_MIN_ID, SDAP_MAX_ID, SDAP_PWDLOCKOUT_DN, + SDAP_WILDCARD_LIMIT, SDAP_OPTS_BASIC /* opts counter */ }; diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index ad0354df1..525c6fa09 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -1856,6 +1856,7 @@ static errno_t sdap_get_groups_next_base(struct tevent_req *req) struct tevent_req *subreq; struct sdap_get_groups_state *state; bool need_paging = false; + int sizelimit = 0; state = tevent_req_data(req, struct sdap_get_groups_state); @@ -1873,13 +1874,18 @@ static errno_t sdap_get_groups_next_base(struct tevent_req *req) switch (state->lookup_type) { case SDAP_LOOKUP_SINGLE: + sizelimit = 1; need_paging = false; break; /* Only requests that can return multiple entries should require * the paging control */ case SDAP_LOOKUP_WILDCARD: + sizelimit = dp_opt_get_int(state->opts->basic, SDAP_WILDCARD_LIMIT); + need_paging = true; + break; case SDAP_LOOKUP_ENUMERATE: + sizelimit = 0; /* unlimited */ need_paging = true; break; } @@ -1891,7 +1897,7 @@ static errno_t sdap_get_groups_next_base(struct tevent_req *req) state->search_bases[state->base_iter]->scope, state->filter, state->attrs, state->opts->group_map, SDAP_OPTS_GROUP, - 0, NULL, NULL, 0, state->timeout, + 0, NULL, NULL, sizelimit, state->timeout, need_paging); if (!subreq) { return ENOMEM; diff --git a/src/providers/ldap/sdap_async_users.c b/src/providers/ldap/sdap_async_users.c index f66ae2604..a864a8b21 100644 --- a/src/providers/ldap/sdap_async_users.c +++ b/src/providers/ldap/sdap_async_users.c @@ -674,6 +674,7 @@ static errno_t sdap_search_user_next_base(struct tevent_req *req) struct tevent_req *subreq; struct sdap_search_user_state *state; bool need_paging = false; + int sizelimit = 0; state = tevent_req_data(req, struct sdap_search_user_state); @@ -691,13 +692,18 @@ static errno_t sdap_search_user_next_base(struct tevent_req *req) switch (state->lookup_type) { case SDAP_LOOKUP_SINGLE: + sizelimit = 1; need_paging = false; break; /* Only requests that can return multiple entries should require * the paging control */ case SDAP_LOOKUP_WILDCARD: + sizelimit = dp_opt_get_int(state->opts->basic, SDAP_WILDCARD_LIMIT); + need_paging = true; + break; case SDAP_LOOKUP_ENUMERATE: + sizelimit = 0; /* unlimited */ need_paging = true; break; } @@ -708,7 +714,7 @@ static errno_t sdap_search_user_next_base(struct tevent_req *req) state->search_bases[state->base_iter]->scope, state->filter, state->attrs, state->opts->user_map, state->opts->user_map_cnt, - 0, NULL, NULL, 0, state->timeout, + 0, NULL, NULL, sizelimit, state->timeout, need_paging); if (subreq == NULL) { return ENOMEM; |