Martin Babinsky wrote: > On 01/21/2016 01:37 PM, thierry bordaz wrote: > 6.) > > + while attempt != MAX_WAIT: > + try: > + entries = conn.get_entries(sharedcfgdn, > scope=ldap.SCOPE_ONELEVEL, filter='dnaHostname=%s' % self.fqdn) > + break > + except errors.NotFound: > + root_logger.debug("So far enable not find DNA shared > config entry for dnaHostname=%s under %s. Retry in 2sec" % (self.fqdn, > sharedcfgdn)) > + attempt = attempt + 1 > + time.sleep(2) > + continue > + > + # safety checking > + # there is no return, if there are several entries, as a > workaround of #5510 > + if len(entries) != 1: > > I am quite afraid what would happen if the server does not return any > entries until 30 s timeout. The code will then continue to the condition > which can potentially test an uninitialized variable and blow up with > 'NameError'. This should be handled more robustly, e. g. raise an > exception when a timeout is reached and no entries were returned.
I agree, but note that it is a 60s timeout (30 tries x 2 second sleeps). This will blow up if something other than NotFound is returned (e.g. connection error), and maybe that's ok. The continue is not needed. rob -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code