[Bug 1798184] Re: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names
This is fixed in rocky with keystone version 2:14.0.1-0ubuntu3. ** Changed in: keystone/rocky Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to python-ldappool in Ubuntu. https://bugs.launchpad.net/bugs/1798184 Title: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1798184] Re: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names
** Changed in: cloud-archive/stein Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to python-ldappool in Ubuntu. https://bugs.launchpad.net/bugs/1798184 Title: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1798184] Re: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names
This bug was fixed in the package keystone - 2:14.0.1-0ubuntu3~cloud0 --- keystone (2:14.0.1-0ubuntu3~cloud0) bionic-rocky; urgency=medium . * New update for the Ubuntu Cloud Archive. . keystone (2:14.0.1-0ubuntu3) cosmic; urgency=medium . * d/control, d/p/py3-switch-to-using-unicode-text-values.patch: Enable Keystone LDAP Python 3 support. Patch is cherry-picked from https://review.openstack.org/613648 (LP: #1798184). * d/p/ensure-LDAP-searches-use-unicode-attributes.patch: Cherry-picked from https://review.openstack.org/#/c/643670/ to fix LDAP backend searches (LP: #1820333). ** Changed in: cloud-archive/rocky Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to python-ldappool in Ubuntu. https://bugs.launchpad.net/bugs/1798184 Title: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1798184] Re: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names
This has been verified successfully on cosmic-proposed and rocky- proposed. I've added testing details to the other bug that is accompanying this fix at: https://bugs.launchpad.net/keystone/+bug/1820333/comments/7 https://bugs.launchpad.net/keystone/+bug/1820333/comments/8 ** Tags removed: verification-needed verification-needed-cosmic ** Tags added: verification-done verification-done-cosmic ** Changed in: keystone/rocky Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to python-ldappool in Ubuntu. https://bugs.launchpad.net/bugs/1798184 Title: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1798184] Re: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names
** Changed in: cloud-archive Status: Fix Released => Fix Committed ** Changed in: cloud-archive/rocky Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to python-ldappool in Ubuntu. https://bugs.launchpad.net/bugs/1798184 Title: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1798184] Re: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names
Verification on cosmic-proposed failed (See bug in comment #19). I'm working on a fix for that. ** Tags removed: verification-needed verification-needed-cosmic ** Tags added: verification-failed verification-failed-cosmic -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to python-ldappool in Ubuntu. https://bugs.launchpad.net/bugs/1798184 Title: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1798184] Re: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names
** Summary changed: - PY3: python3-ldap does not allow bytes for DN/RDN/field names + [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names ** Description changed: + [Impact] + Keystone LDAP backend doesn't work for PY3. + Under Python 2, python-ldap uses bytes by default. Under Python 3 this is removed and bytes aren't allowed for DN/RDN/field names. More details are here: http://www.python-ldap.org/en/latest/bytes_mode.html#bytes-mode and here: https://github.com/python-ldap/python-ldap/blob/python-ldap-3.1.0/Lib/ldap/ldapobject.py#L111 == initial traceback == Here's the initial traceback from the failure: https://paste.ubuntu.com/p/67THZb2m5m/ The last bit of the error is: - File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 314, in _ldap_call - result = func(*args,**kwargs) + File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 314, in _ldap_call + result = func(*args,**kwargs) TypeError: simple_bind() argument 1 must be str or None, not bytes A closer look at func shows: func= args=(b'cn=admin,dc=test,dc=com', b'crapper', None, None) == keystone ldap backend use of python-ldap == In simple_bind_s() of keystone's ldap backend, who and cred are encoded as byte strings: https://github.com/openstack/keystone/blob/14.0.0/keystone/identity/backends/ldap/common.py#L885 but that appears to no longer be valid use of python-ldap for py3. + + + [Test Case] + + Run charm-keystone-ldap functional tests for OpenStack Rocky or above. + + [Regression Potential] + The only regression potential would be for PY2 code paths. PY3 code paths never worked for keystone's LDAP backend. The approach to the patch have purposefully minimized amount of code required and therefore regression potential for PY2. Note that Rocky for Ubuntu supports PY2 but as of Stein Ubuntu has dropped PY2 support. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to python-ldappool in Ubuntu. https://bugs.launchpad.net/bugs/1798184 Title: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1798184/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
