Public bug reported: Bug is probably related with this one:
https://bugs.launchpad.net/keystone/+bug/1798184 https://bugs.launchpad.net/keystone/+bug/1820333 On keystone 14.1.0 (Rocky) it trows exception when there are UTF-8 encoded characters on users's DN. We're using openldap. In our schema DN is cn=first_name last_name,ou=employee,ou=users,dc=(...). In Poland names with local, utf encoded leters are very common. It looks like bug can be fixed by following change: --- a/keystone/identity/backends/ldap/common.py +++ b/keystone/identity/backends/ldap/common.py @@ -177,7 +177,7 @@ def convert_ldap_result(ldap_result): ldap_attrs[kind] = [val2py(x) for x in values] except UnicodeDecodeError: LOG.debug('Unable to decode value for attribute %s', kind) - py_result.append((dn, ldap_attrs)) + py_result.append((utf8_decode(dn), ldap_attrs)) if at_least_one_referral: LOG.debug('Referrals were returned and ignored. Enable referral ' 'chasing in keystone.conf via [ldap] chase_referrals') ** Affects: keystone Importance: Undecided Status: New -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1862606 Title: LDAP support broken if UTF8 characters in DN (python2) Status in OpenStack Identity (keystone): New Bug description: Bug is probably related with this one: https://bugs.launchpad.net/keystone/+bug/1798184 https://bugs.launchpad.net/keystone/+bug/1820333 On keystone 14.1.0 (Rocky) it trows exception when there are UTF-8 encoded characters on users's DN. We're using openldap. In our schema DN is cn=first_name last_name,ou=employee,ou=users,dc=(...). In Poland names with local, utf encoded leters are very common. It looks like bug can be fixed by following change: --- a/keystone/identity/backends/ldap/common.py +++ b/keystone/identity/backends/ldap/common.py @@ -177,7 +177,7 @@ def convert_ldap_result(ldap_result): ldap_attrs[kind] = [val2py(x) for x in values] except UnicodeDecodeError: LOG.debug('Unable to decode value for attribute %s', kind) - py_result.append((dn, ldap_attrs)) + py_result.append((utf8_decode(dn), ldap_attrs)) if at_least_one_referral: LOG.debug('Referrals were returned and ignored. Enable referral ' 'chasing in keystone.conf via [ldap] chase_referrals') To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1862606/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
