Non-Latin charated in base DN results in backend initialization failure: ERROR 'ascii' codec can't decode byte 0xd0 in position 94: ordinal not in range(128)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
Undecided
|
Unassigned | ||
OpenStack Keystone Charm |
Fix Released
|
Critical
|
David Ames | ||
OpenStack Keystone LDAP integration |
Invalid
|
Medium
|
Unassigned |
Bug Description
== Steps to reproduce
Deploy a keystone-ldap charm and provide a following ldap-user DN: "CN=openstack openstack,
== Problem statement
cloud: focal-ussuri, latest stable charms
The project I'm working on has an LDAP integration, and I've been given a following base DN: "CN=openstack openstack,
If I'll remove a non-latin OU part - then Keystone is trying to authenticate, but failing, complaining about invalid bind credentials. Then, if I'll return the "OU=Технологические пользователи" part back, the following occurs in keystone.log:
(keystone.
Traceback (most recent call last):
File "/usr/lib/
return method(self, request)
File "/usr/lib/
resp = super(AuthConte
File "/usr/lib/
data, user_auth_ref = self._do_
File "/usr/lib/
data = self.fetch_
File "/usr/lib/
self.token = self.token_
File "/usr/lib/
__ret_val = __f(*args, **kwargs)
File "/usr/lib/
token = self._validate_
File "<decorator-
File "/usr/lib/
return self.get_or_create(
File "/usr/lib/
with Lock(
File "/usr/lib/
return self._enter()
File "/usr/lib/
generated = self._enter_
File "/usr/lib/
return self.creator()
File "/usr/lib/
created_value = creator(
File "/usr/lib/
token.
File "/usr/lib/
self.
File "/usr/lib/
if not self.user_
File "/usr/lib/
if self.user:
File "/usr/lib/
self.__user = PROVIDERS.
File "/usr/lib/
__ret_val = __f(*args, **kwargs)
File "/usr/lib/
self.
File "/usr/lib/
self.
File "/usr/lib/
self.
File "/usr/lib/
domain_
File "/usr/lib/
self._namespace = self._parse_
File "/usr/lib/
return self._parse_
File "/usr/lib/
ConfigParse
File "/usr/lib/
parser.parse()
File "/usr/lib/
return super(ConfigParser, self).parse(
File "/usr/lib/
return codecs.
UnicodeDecodeError: 'ascii' codec can't decode byte 0xd0 in position 94: ordinal not in range(128)
(keystone.
Apparently, it's trying to read the domain config and something goes wrong at this step (as there's even no authentication attempt being made).
Changed in charm-keystone-ldap: | |
status: | In Progress → Triaged |
Changed in charm-keystone-ldap: | |
assignee: | Aurelien Lourot (aurelien-lourot) → nobody |
Changed in charm-keystone: | |
status: | Fix Committed → Fix Released |
milestone: | none → 21.04 |
Adding ~field-critical as there's no workaround currently for this issue, and there's no option to avoid using non-Latin characters in the customers LDAP server.