oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Make LDAP code fetch less attributes from LDAP server when KDC is asking

Browse Source 
Johan Gadsjö did a awesome analysis of the LDAP access pattens
and sent us a patch that reduced the calls the ldap server by 4
times as many. The patch was adopted and change to avoid compile
time depencies and make the determination runtime instead. Thanks!
This commit is contained in:
Love Hornquist Astrand
2009-10-03 13:20:41 -07:00
parent 6f857bc86d
commit ff87429593
11 changed files with 40 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/kadm5/delete_s.c
View File

@@ -49,7 +49,7 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ)
return ret;
}
ret = context->db->hdb_fetch(context->context, context->db, princ,
HDB_F_DECRYPT|HDB_F_GET_ANY, &ent);
HDB_F_DECRYPT|HDB_F_GET_ANY|HDB_F_ADMIN_DATA, &ent);
if(ret == HDB_ERR_NOENTRY)
goto out;
if(ent.entry.flags.immutable) {