oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Make LDAP code fetch less attributes from LDAP server when KDC is asking

Browse Source 
Johan Gadsjö did a awesome analysis of the LDAP access pattens
and sent us a patch that reduced the calls the ldap server by 4
times as many. The patch was adopted and change to avoid compile
time depencies and make the determination runtime instead. Thanks!
This commit is contained in:
Love Hornquist Astrand
2009-10-03 13:20:41 -07:00
parent 6f857bc86d
commit ff87429593
11 changed files with 40 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/kadm5/chpass_s.c
View File

@@ -54,7 +54,7 @@ change(void *server_handle,
return ret;
ret = context->db->hdb_fetch(context->context, context->db, princ,
HDB_F_DECRYPT|HDB_F_GET_ANY, &ent);
HDB_F_DECRYPT|HDB_F_GET_ANY|HDB_F_ADMIN_DATA, &ent);
if(ret)
goto out;
@@ -167,7 +167,7 @@ kadm5_s_chpass_principal_with_key(void *server_handle,
if(ret)
return ret;
ret = context->db->hdb_fetch(context->context, context->db, princ,
HDB_F_GET_ANY, &ent);
HDB_F_GET_ANY|HDB_F_ADMIN_DATA, &ent);
if(ret == HDB_ERR_NOENTRY)
goto out;
ret = _kadm5_set_keys2(context, &ent.entry, n_key_data, key_data);