URL: https://github.com/freeipa/freeipa/pull/2578 Author: rcritten Title: #2578: [Backport][ipa-4-7] ipa-kdb: reduce LDAP operations timeout to 30 seconds Action: opened
PR body: """ This PR was opened automatically because PR #2575 was pushed to master and backport to ipa-4-7 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2578/head:pr2578 git checkout pr2578
From 2929a08d3bebc00b969ea6a6411261b7f1846fc7 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy <aboko...@redhat.com> Date: Fri, 16 Nov 2018 13:24:46 +0200 Subject: [PATCH] ipa-kdb: reduce LDAP operations timeout to 30 seconds Since LDAP operations used by ipa-kdb driver are synchronous, the timeout specified here is blocking entire KDC. It is worth reducing the timeout and since AS REQ processing timeout in KDC is 1 minute, reducing the timeout for LDAP operations down to 30 seconds allows KDC to respond promptly in worst case scenario as well. Fixes: https://pagure.io/freeipa/issue/7217 --- daemons/ipa-kdb/ipa_kdb_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/daemons/ipa-kdb/ipa_kdb_common.c b/daemons/ipa-kdb/ipa_kdb_common.c index e2592cea3f..d86f4f5307 100644 --- a/daemons/ipa-kdb/ipa_kdb_common.c +++ b/daemons/ipa-kdb/ipa_kdb_common.c @@ -23,7 +23,7 @@ #include "ipa_kdb.h" #include <unicase.h> -static struct timeval std_timeout = {300, 0}; +static struct timeval std_timeout = {30, 0}; char *ipadb_filter_escape(const char *input, bool star) {
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org