From 7ed5faf4ce8b25c26790683889b3591701b5a1a0 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 6 Apr 2023 08:54:02 +1200 Subject: [PATCH 1/2] dsdb/tests: Move SD modification on class-created objects to classSetUp These modifications persist, so should be done at the class level, not in the test. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15351 Signed-off-by: Andrew Bartlett Reviewed-by: Joseph Sutton (cherry picked from commit e1c0c2066c2f29bb614e3386b796eec3cb289aea) --- source4/dsdb/tests/python/large_ldap.py | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/source4/dsdb/tests/python/large_ldap.py b/source4/dsdb/tests/python/large_ldap.py index 0da79da6f73..ff172eecf70 100644 --- a/source4/dsdb/tests/python/large_ldap.py +++ b/source4/dsdb/tests/python/large_ldap.py @@ -146,6 +146,14 @@ class LargeLDAPTest(samba.tests.TestCase): "sAMAccountName": user_name, "jpegPhoto": b'a' * (2 * 1024 * 1024)}) + ace = "(OD;;RP;{6bc69afa-7bd9-4184-88f5-28762137eb6a};;S-1-%d)" % x + dn = ldb.Dn(cls.ldb, "cn=" + user_name + "," + str(cls.ou_dn)) + + # add an ACE that denies access to the above random attr + # for a not-existing user. This makes each SD distinct + # and so will slow SD parsing. + cls.sd_utils.dacl_add_ace(dn, ace) + @classmethod def tearDownClass(cls): # Remake the connection for tear-down (old Samba drops the socket) @@ -290,16 +298,6 @@ class LargeLDAPTest(samba.tests.TestCase): session_info=system_session(lp), lp=lp) - for x in range(200): - user_name = self.USER_NAME + format(x, "03") - ace = "(OD;;RP;{6bc69afa-7bd9-4184-88f5-28762137eb6a};;S-1-%d)" % x - dn = ldb.Dn(self.ldb, "cn=" + user_name + "," + str(self.ou_dn)) - - # add an ACE that denies access to the above random attr - # for a not-existing user. This makes each SD distinct - # and so will slow SD parsing. - self.sd_utils.dacl_add_ace(dn, ace) - # Create a large search expression that will take a long time to # evaluate. expression = f'(jpegPhoto=*X*)' * 1000 -- 2.25.1 From 7a1e0bf381c054ffde00a83e0cd4125add12a5df Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 6 Apr 2023 08:59:17 +1200 Subject: [PATCH 2/2] dsdb/tests: Double number of expressions in large_ldap.py ldap_timeout test By slowing the filter down more this makes the test reliable on the autobuild host. This is not a long-term solution, but is a quick tweak that can be done today to address current issues with getting commits past the host-based (compared with cloud-based) autobuild. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15351 Signed-off-by: Andrew Bartlett Reviewed-by: Joseph Sutton (cherry picked from commit 479634e4cd6543d489eb4700aebde1a479b94fe5) --- source4/dsdb/tests/python/large_ldap.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source4/dsdb/tests/python/large_ldap.py b/source4/dsdb/tests/python/large_ldap.py index ff172eecf70..cd8176363b5 100644 --- a/source4/dsdb/tests/python/large_ldap.py +++ b/source4/dsdb/tests/python/large_ldap.py @@ -300,7 +300,7 @@ class LargeLDAPTest(samba.tests.TestCase): # Create a large search expression that will take a long time to # evaluate. - expression = f'(jpegPhoto=*X*)' * 1000 + expression = '(jpegPhoto=*X*)' * 2000 expression = f'(|{expression})' # Perform the LDAP search. -- 2.25.1