Skip to content

Commit

Permalink
Define a sizelimit, hardcoded for a quick fix, but will add a flag la…
Browse files Browse the repository at this point in the history 
…ter on
  • Loading branch information
Rui Miguel Silva Seabra committed Jun 27, 2019
1 parent 563e948 commit 9344c8a
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions src/pam_ipahbac.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,7 @@ int ipa_check_hbac(char* ldapservers, const char* base, const char* binduser, co
const char* filter="(&(objectclass=ipahbacrule)(ipaenabledflag=true)(accessruletype=allow))";
char* attrs[] = { "memberuser", "memberhost", "memberservice", "usercategory", "hostcategory", "servicecategory", NULL } ;
int ldap_version=LDAP_VERSION3;
int ldap_sizelimit=1000;
LDAP* ld=NULL;
LDAPMessage* msg=NULL;
LDAPMessage* entry=NULL;
Expand All @@ -248,6 +249,12 @@ int ipa_check_hbac(char* ldapservers, const char* base, const char* binduser, co
return 0;
}

if (debug) syslog(LOG_DEBUG,"ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &ldap_sizelimit)\n");
if( ldap_set_option(ld, LDAP_OPT_SIZELIMIT, &ldap_sizelimit) != LDAP_OPT_SUCCESS ) {
syslog(LOG_ERR,"Error setting LDAP sizelimit\n");
return 0;
}

if (debug) syslog(LOG_DEBUG,"ldap_bind_s(ld, binduser, bindpw, LDAP_AUTH_SIMPLE)) != LDAP_SUCCESS )\n");
if( (retval = ldap_bind_s(ld, binduser, bindpw, LDAP_AUTH_SIMPLE)) != LDAP_SUCCESS ) {
syslog(LOG_ERR,"Error binding to LDAP: %s\n", ldap_err2string(retval));
Expand Down

0 comments on commit 9344c8a

Please sign in to comment.