yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #76818
[Bug 1798184] Re: PY3: python3-ldap does not allow bytes for DN/RDN/field names
Marked as fix released for upstream ldappool as this is fixed in 2.3.1
** Also affects: keystone (Ubuntu)
Importance: Undecided
Status: New
** Also affects: keystone (Ubuntu Disco)
Importance: Undecided
Status: New
** Also affects: keystone (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Changed in: keystone (Ubuntu Cosmic)
Status: New => Triaged
** Changed in: keystone (Ubuntu Cosmic)
Importance: Undecided => High
** Changed in: keystone (Ubuntu Disco)
Status: New => Triaged
** Changed in: keystone (Ubuntu Disco)
Importance: Undecided => High
** Also affects: cloud-archive
Importance: Undecided
Status: New
** Also affects: cloud-archive/rocky
Importance: Undecided
Status: New
** Also affects: cloud-archive/stein
Importance: Undecided
Status: New
** Changed in: cloud-archive/rocky
Status: New => Triaged
** Changed in: cloud-archive/stein
Status: New => Triaged
** Changed in: cloud-archive/rocky
Importance: Undecided => High
** Changed in: cloud-archive/stein
Importance: Undecided => High
** Also affects: python-ldappool (Ubuntu)
Importance: Undecided
Status: New
** Changed in: python-ldappool (Ubuntu Cosmic)
Importance: Undecided => High
** Changed in: python-ldappool (Ubuntu Cosmic)
Status: New => Triaged
** Changed in: python-ldappool (Ubuntu Disco)
Importance: Undecided => High
** Changed in: python-ldappool (Ubuntu Disco)
Status: New => Triaged
** Changed in: ldappool
Status: New => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1798184
Title:
PY3: python3-ldap does not allow bytes for DN/RDN/field names
Status in Ubuntu Cloud Archive:
Triaged
Status in Ubuntu Cloud Archive rocky series:
Triaged
Status in Ubuntu Cloud Archive stein series:
Triaged
Status in OpenStack Identity (keystone):
Fix Released
Status in ldappool:
Fix Released
Status in keystone package in Ubuntu:
Triaged
Status in python-ldappool package in Ubuntu:
Triaged
Status in keystone source package in Cosmic:
Triaged
Status in python-ldappool source package in Cosmic:
Triaged
Status in keystone source package in Disco:
Triaged
Status in python-ldappool source package in Disco:
Triaged
Bug description:
Under Python 2, python-ldap uses bytes by default. Under Python 3 this
is removed and bytes aren't allowed for DN/RDN/field names.
More details are here: http://www.python-ldap.org/en/latest/bytes_mode.html#bytes-mode
and here: https://github.com/python-ldap/python-ldap/blob/python-ldap-3.1.0/Lib/ldap/ldapobject.py#L111
== initial traceback ==
Here's the initial traceback from the failure:
https://paste.ubuntu.com/p/67THZb2m5m/
The last bit of the error is:
File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 314, in _ldap_call
result = func(*args,**kwargs)
TypeError: simple_bind() argument 1 must be str or None, not bytes
A closer look at func shows:
func=<built-in method simple_bind of LDAP object at 0x7f9d0177b760>
args=(b'cn=admin,dc=test,dc=com', b'crapper', None, None)
== keystone ldap backend use of python-ldap ==
In simple_bind_s() of keystone's ldap backend, who and cred are
encoded as byte strings:
https://github.com/openstack/keystone/blob/14.0.0/keystone/identity/backends/ldap/common.py#L885
but that appears to no longer be valid use of python-ldap for py3.
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions
References