Martin Babinsky wrote:
> On 01/21/2016 01:37 PM, thierry bordaz wrote:

> 6.)
> 
> +        while attempt != MAX_WAIT:
> +            try:
> +                entries = conn.get_entries(sharedcfgdn,
> scope=ldap.SCOPE_ONELEVEL, filter='dnaHostname=%s' % self.fqdn)
> +                break
> +            except errors.NotFound:
> +                root_logger.debug("So far enable not find DNA shared
> config entry for dnaHostname=%s under %s. Retry in 2sec" % (self.fqdn,
> sharedcfgdn))
> +                attempt = attempt + 1
> +                time.sleep(2)
> +                continue
> +
> +        # safety checking
> +        # there is no return, if there are several entries, as a
> workaround of #5510
> +        if len(entries) != 1:
> 
> I am quite afraid what would happen if the server does not return any
> entries until 30 s timeout. The code will then continue to the condition
> which can potentially test an uninitialized variable and blow up with
> 'NameError'. This should be handled more robustly, e. g. raise an
> exception when a timeout is reached and no entries were returned.

I agree, but note that it is a 60s timeout (30 tries x 2 second sleeps).

This will blow up if something other than NotFound is returned (e.g.
connection error), and maybe that's ok.

The continue is not needed.

rob

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to