diff options
| author | Martin Babinsky <mbabinsk@redhat.com> | 2016-03-18 09:49:41 +0100 |
|---|---|---|
| committer | Martin Basti <mbasti@redhat.com> | 2016-04-13 17:52:22 +0200 |
| commit | 1f0959735f9828a09439f17f1468dcd3dfb914db (patch) | |
| tree | 45ccb4b78794a07c5d6d890338f8d3c9f7d8c4fa /ipaserver | |
| parent | b23ad42269c606f234f4f8c545e3c763e648f551 (diff) | |
| download | freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.tar.gz freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.tar.xz freeipa-1f0959735f9828a09439f17f1468dcd3dfb914db.zip | |
differentiate between limit types when LDAP search exceeds configured limits
When LDAP search fails on exceeded limits, we should raise an specific
exception for the type of limit raised (size, time, administrative) so that
the consumer can distinguish between e.g. searches returning too many entries
and those timing out.
https://fedorahosted.org/freeipa/ticket/5677
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index a1f1e1982..d50ae1698 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -230,12 +230,13 @@ class ldap2(CrudBackend, LDAPClient): # Not in our context yet pass try: + # use find_entries here lest we hit an infinite recursion when + # ldap2.get_entries tries to determine default time/size limits (entries, truncated) = self.find_entries( None, attrs_list, base_dn=dn, scope=self.SCOPE_BASE, time_limit=2, size_limit=10 ) - if truncated: - raise errors.LimitsExceeded() + self.handle_truncated_result(truncated) config_entry = entries[0] except errors.NotFound: config_entry = self.make_entry(dn) |