diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2016-03-18 09:49:41 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-04-13 17:52:22 +0200 |
commit | 1f0959735f9828a09439f17f1468dcd3dfb914db (patch) | |
tree | 45ccb4b78794a07c5d6d890338f8d3c9f7d8c4fa /install/tools | |
parent | b23ad42269c606f234f4f8c545e3c763e648f551 (diff) | |
download | freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.tar.gz freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.tar.xz freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.zip |
differentiate between limit types when LDAP search exceeds configured limits
When LDAP search fails on exceeded limits, we should raise an specific
exception for the type of limit raised (size, time, administrative) so that
the consumer can distinguish between e.g. searches returning too many entries
and those timing out.
https://fedorahosted.org/freeipa/ticket/5677
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Diffstat (limited to 'install/tools')
-rwxr-xr-x | install/tools/ipa-httpd-kdcproxy | 6 | ||||
-rwxr-xr-x | install/tools/ipactl | 6 |
2 files changed, 4 insertions, 8 deletions
diff --git a/install/tools/ipa-httpd-kdcproxy b/install/tools/ipa-httpd-kdcproxy index 5e67f61a6..c14b3a721 100755 --- a/install/tools/ipa-httpd-kdcproxy +++ b/install/tools/ipa-httpd-kdcproxy @@ -97,10 +97,8 @@ class KDCProxyConfig(object): def _find_entry(self, dn, attrs, filter, scope=IPAdmin.SCOPE_BASE): """Find an LDAP entry, handles NotFound and Limit""" try: - entries, truncated = self.con.find_entries( - filter, attrs, dn, scope, time_limit=self.time_limit) - if truncated: - raise errors.LimitsExceeded() + entries = self.con.get_entries( + dn, scope, filter, attrs, time_limit=self.time_limit) except errors.NotFound: self.log.debug('Entry not found: %s', dn) return None diff --git a/install/tools/ipactl b/install/tools/ipactl index fb1e890ea..b41b10c8a 100755 --- a/install/tools/ipactl +++ b/install/tools/ipactl @@ -160,14 +160,12 @@ def get_config(dirsrv): wait_for_open_ports(host, [int(port)], timeout=api.env.startup_timeout) con = IPAdmin(ldap_uri=api.env.ldap_uri) con.do_external_bind() - res, truncated = con.find_entries( + res = con.get_entries( + base, filter=srcfilter, attrs_list=attrs, - base_dn=base, scope=con.SCOPE_SUBTREE, time_limit=10) - if truncated: - raise errors.LimitsExceeded() except errors.NetworkError: # LSB status code 3: program is not running raise IpactlError("Failed to get list of services to probe status:\n" + |