From 503f60ca349c5a5beaad699101ee1bd7cde0bac2 Mon Sep 17 00:00:00 2001 From: Alexej Tessaro Date: Tue, 24 Nov 2020 12:19:52 +0100 Subject: [PATCH] Limit ldap heartbeat search query scope and size --- lib/ldap.js | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/ldap.js b/lib/ldap.js index 9fd0c18e..d1c0713f 100644 --- a/lib/ldap.js +++ b/lib/ldap.js @@ -33,7 +33,12 @@ function initializeConnection () { }); connection.heartbeat = function (callback) { - connection.search('', '(objectclass=*)', function (err, res) { + const searchOpts = { + filter: '(objectclass=person)', + scope: 'sub', + sizeLimit: 1 + }; + connection.search(nconf.get('LDAP_BASE'), searchOpts , function (err, res) { if (err) { return callback(err); } @@ -47,7 +52,12 @@ function initializeConnection () { res.once('error', function(err) { client.removeAllListeners('end'); clearTimeout(abort); - callback(err); + // if there are more than one entry matching the search, the server returns the one entry and a SizeLimitExceededError error + if (err.name === 'SizeLimitExceededError') { + callback(); + } else { + callback(err); + } }).once('end', function () { client.removeAllListeners('error'); clearTimeout(abort);