diff options
Diffstat (limited to 'src/providers')
-rw-r--r-- | src/providers/ipa/ipa_common.c | 2 | ||||
-rw-r--r-- | src/providers/ipa/ipa_init.c | 10 | ||||
-rw-r--r-- | src/providers/ldap/ldap_common.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/ldap_init.c | 10 |
4 files changed, 22 insertions, 2 deletions
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c index 4bcd534c8..76ac02e16 100644 --- a/src/providers/ipa/ipa_common.c +++ b/src/providers/ipa/ipa_common.c @@ -42,7 +42,7 @@ struct dp_option ipa_def_ldap_opts[] = { { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_default_authtok_type", DP_OPT_STRING, NULL_STRING, NULL_STRING}, { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB }, - { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER }, + { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER }, { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING }, diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c index f3fa610e5..eeecc371f 100644 --- a/src/providers/ipa/ipa_init.c +++ b/src/providers/ipa/ipa_init.c @@ -130,6 +130,16 @@ int sssm_ipa_id_init(struct be_ctx *bectx, goto done; } + /* FIXME: This is a workaround for 1.2.0. In the future, we need to have + * separate timeouts for enumeration operations + * If enumeration is enabled and the search timeout is less + * than 30s, force it to a minimum of 30s. + */ + if(bectx->domain->enumerate && + dp_opt_get_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT) < 30) { + dp_opt_set_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT, 30); + } + if(dp_opt_get_bool(ipa_options->basic, IPA_DYNDNS_UPDATE)) { /* Perform automatic DNS updates when the * IP address changes. diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c index 8fcea9677..0257ef638 100644 --- a/src/providers/ldap/ldap_common.c +++ b/src/providers/ldap/ldap_common.c @@ -36,7 +36,7 @@ struct dp_option default_basic_opts[] = { { "ldap_default_bind_dn", DP_OPT_STRING, NULL_STRING, NULL_STRING }, { "ldap_default_authtok_type", DP_OPT_STRING, NULL_STRING, NULL_STRING}, { "ldap_default_authtok", DP_OPT_BLOB, NULL_BLOB, NULL_BLOB }, - { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 60 }, NULL_NUMBER }, + { "ldap_search_timeout", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER }, { "ldap_network_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_opt_timeout", DP_OPT_NUMBER, { .number = 6 }, NULL_NUMBER }, { "ldap_tls_reqcert", DP_OPT_STRING, { "hard" }, NULL_STRING }, diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c index 5c6f4b790..af98d8e52 100644 --- a/src/providers/ldap/ldap_init.c +++ b/src/providers/ldap/ldap_init.c @@ -82,6 +82,16 @@ int sssm_ldap_id_init(struct be_ctx *bectx, goto done; } + /* FIXME: This is a workaround for 1.2.0. In the future, we need to have + * separate timeouts for enumeration operations + * If enumeration is enabled and the search timeout is less + * than 30s, force it to a minimum of 30s. + */ + if(bectx->domain->enumerate && + dp_opt_get_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT) < 30) { + dp_opt_set_int(ctx->opts->basic, SDAP_SEARCH_TIMEOUT, 30); + } + dns_service_name = dp_opt_get_string(ctx->opts->basic, SDAP_DNS_SERVICE_NAME); DEBUG(7, ("Service name for discovery set to %s\n", dns_service_name)); |