Bug#852536: Fail to encode distinguished name (ldap) with special character

Wed, 25 Jan 2017 02:16:17 -0800 

Package: keystone
Version: 2:10.0.0-6
Tags: patch

Hello,

We have installed keystone with ldap integration and if a user with a special 
character (ä,ö,ü ...) in the distinguished name (dn) tries to log in to horzion 
it fails.
With the following error message:

2017-01-18 16:01:04.740536 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi Traceback (most recent call last):
2017-01-18 16:01:04.740540 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/common/wsgi.py", line 225, in 
__call__
2017-01-18 16:01:04.740544 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     result = method(req, **params)
2017-01-18 16:01:04.740547 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/auth/controllers.py", line 401, in 
authenticate_for_token
2017-01-18 16:01:04.740561 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     self.authenticate(request, auth_info, auth_context)
2017-01-18 16:01:04.740565 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/auth/controllers.py", line 528, in 
authenticate
2017-01-18 16:01:04.740568 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     auth_context)
2017-01-18 16:01:04.740572 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/auth/plugins/password.py", line 36, 
in authenticate
2017-01-18 16:01:04.740576 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     password=user_info.password)
2017-01-18 16:01:04.740579 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/common/manager.py", line 124, in 
wrapped
2017-01-18 16:01:04.740583 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     __ret_val = __f(*args, **kwargs)
2017-01-18 16:01:04.740587 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/notifications.py", line 488, in 
wrapper
2017-01-18 16:01:04.740590 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     result = f(wrapped_self, request, user_id, *args, 
**kwargs)
2017-01-18 16:01:04.740594 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 416, in 
wrapper
2017-01-18 16:01:04.740598 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     return f(self, *args, **kwargs)
2017-01-18 16:01:04.740601 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 426, in 
wrapper
2017-01-18 16:01:04.740605 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     return f(self, *args, **kwargs)
2017-01-18 16:01:04.740608 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/core.py", line 832, in 
authenticate
2017-01-18 16:01:04.740612 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     ref = driver.authenticate(entity_id, password)
2017-01-18 16:01:04.740616 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/core.py", 
line 59, in authenticate
2017-01-18 16:01:04.740619 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     user_ref = self._get_user(user_id)
2017-01-18 16:01:04.740623 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/core.py", 
line 78, in _get_user
2017-01-18 16:01:04.740626 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     return self.user.get(user_id)
2017-01-18 16:01:04.740630 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/common.py", 
line 1911, in get
2017-01-18 16:01:04.740634 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     ref = super(EnabledEmuMixIn, self).get(object_id, 
ldap_filter)
2017-01-18 16:01:04.740637 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/common.py", 
line 1518, in get
2017-01-18 16:01:04.740641 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     res = self._ldap_get(object_id, ldap_filter)
2017-01-18 16:01:04.740645 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/common.py", 
line 1454, in _ldap_get
2017-01-18 16:01:04.740648 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     attrs)
2017-01-18 16:01:04.740652 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/common.py", 
line 947, in search_s
2017-01-18 16:01:04.740656 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     attrlist_utf8, attrsonly)
2017-01-18 16:01:04.740666 2017-01-18 16:01:04.736 20713 E/aRROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/common.py", 
line 640, in wrapper
2017-01-18 16:01:04.740670 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     return func(self, conn, *args, **kwargs)
2017-01-18 16:01:04.740674 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/keystone/identity/backends/ldap/common.py", 
line 769, in search_s
2017-01-18 16:01:04.740677 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     attrsonly)
2017-01-18 16:01:04.740681 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 768, in search_s
2017-01-18 16:01:04.740685 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     return 
self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
2017-01-18 16:01:04.740688 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 1134, in 
search_ext_s
2017-01-18 16:01:04.740692 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     return 
self._apply_method_s(SimpleLDAPObject.search_ext_s,*args,**kwargs)
2017-01-18 16:01:04.740696 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 1071, in 
_apply_method_s
2017-01-18 16:01:04.740699 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     return func(self,*args,**kwargs)
2017-01-18 16:01:04.740703 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 761, in search_ext_s
2017-01-18 16:01:04.740707 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     msgid = 
self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
2017-01-18 16:01:04.740710 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 757, in search_ext
2017-01-18 16:01:04.740714 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     timeout,sizelimit,
2017-01-18 16:01:04.740717 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi   File 
"/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 263, in _ldap_call
2017-01-18 16:01:04.740721 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi     result = func(*args,**kwargs)
2017-01-18 16:01:04.740725 2017-01-18 16:01:04.736 20713 ERROR 
keystone.common.wsgi UnicodeEncodeError: 'ascii' codec can't encode character 
u'\\xfc' in position 8: ordinal not in range(128)

That occures because python is trying to encode those character in ascii. 
If you set the default encoding to 'utf-8' the problem should be fixed.

Regards,
Sakirnth Nagarasa
Author: Sakirnth Nagarasa <sakirnth.nagar...@bfh.ch>
Description: Allows user with special character log on into dashboard

diff -Naurp keystone.orig/keystone/identity/backends/ldap/common.py
--- keystone.orig/keystone/identity/backends/ldap/common.py
+++ keystone/keystone/identity/backends/ldap/common.py
@@ -18,6 +18,8 @@ import functools
 import os.path
 import re
 import sys
+reload(sys)
+sys.setdefaultencoding('utf-8')
 import weakref
 
 import ldap.controls

Reply via email to