OpenStack Identity (keystone)

Python3 type confusion breaks LDAP integration

Bug #1819017 reported by Marco Schuster on 2019-03-07

This bug report is a duplicate of: Bug #1798184: [SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Identity (keystone)	New	Undecided	Unassigned

Bug Description

This bug is also being filed in the Debian BTS: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923949

Enabling and configuring LDAP integration leads to a type confusion issue:

ERROR keystone.common.wsgi [xxx] simple_bind() argument 1 must be str or None, not bytes: TypeError: simple_bind() argument 1 must be str or None, not bytes
ERROR keystone.common.wsgi Traceback (most recent call last):
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/common/wsgi.py", line 148, in __call__
ERROR keystone.common.wsgi result = method(req, **params)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/common/controller.py", line 103, in wrapper
ERROR keystone.common.wsgi return f(self, request, filters, **kwargs)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/controllers.py", line 71, in list_users
ERROR keystone.common.wsgi domain_scope=domain, hints=hints
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/common/manager.py", line 116, in wrapped
ERROR keystone.common.wsgi __ret_val = __f(*args, **kwargs)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 416, in wrapper
ERROR keystone.common.wsgi return f(self, *args, **kwargs)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 426, in wrapper
ERROR keystone.common.wsgi return f(self, *args, **kwargs)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 1061, in list_users
ERROR keystone.common.wsgi ref_list = self._handle_shadow_and_local_users(driver, hints)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/core.py", line 1044, in _handle_shadow_and_local_users
ERROR keystone.common.wsgi return driver.list_users(hints) + fed_res
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/core.py", line 87, in list_users
ERROR keystone.common.wsgi return self.user.get_all_filtered(hints)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/core.py", line 327, in get_all_filtered
ERROR keystone.common.wsgi for user in self.get_all(query, hints)]
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/core.py", line 319, in get_all
ERROR keystone.common.wsgi hints=hints)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/common.py", line 1850, in get_all
ERROR keystone.common.wsgi return super(EnabledEmuMixIn, self).get_all(ldap_filter, hints)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/common.py", line 1552, in get_all
ERROR keystone.common.wsgi for x in self._ldap_get_all(hints, ldap_filter)]
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/common/driver_hints.py", line 42, in wrapper
ERROR keystone.common.wsgi return f(self, hints, *args, **kwargs)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/common.py", line 1500, in _ldap_get_all
ERROR keystone.common.wsgi with self.get_connection() as conn:
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/common.py", line 1251, in get_connection
ERROR keystone.common.wsgi conn.simple_bind_s()
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/common.py", line 892, in simple_bind_s
ERROR keystone.common.wsgi clientctrls=clientctrls)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/keystone/identity/backends/ldap/common.py", line 747, in simple_bind_s
ERROR keystone.common.wsgi with self._get_pool_connection() as conn:
ERROR keystone.common.wsgi File "/usr/lib/python3.7/contextlib.py", line 112, in __enter__
ERROR keystone.common.wsgi return next(self.gen)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldappool/__init__.py", line 344, in connection
ERROR keystone.common.wsgi conn = self._get_connection(bind, passwd)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldappool/__init__.py", line 294, in _get_connection
ERROR keystone.common.wsgi conn = self._create_connector(bind, passwd)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldappool/__init__.py", line 253, in _create_connector
ERROR keystone.common.wsgi self._bind(conn, bind, passwd)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldappool/__init__.py", line 226, in _bind
ERROR keystone.common.wsgi conn.simple_bind_s(bind, passwd)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldappool/__init__.py", line 100, in simple_bind_s
ERROR keystone.common.wsgi clientctrls)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1215, in simple_bind_s
ERROR keystone.common.wsgi res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 1197, in _apply_method_s
ERROR keystone.common.wsgi return func(self,*args,**kwargs)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 443, in simple_bind_s
ERROR keystone.common.wsgi msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 437, in simple_bind
ERROR keystone.common.wsgi return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
ERROR keystone.common.wsgi File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 313, in _ldap_call
ERROR keystone.common.wsgi result = func(*args,**kwargs)
ERROR keystone.common.wsgi TypeError: simple_bind() argument 1 must be str or None, not bytes

Revision history for this message

Colleen Murphy (krinkle) wrote on 2019-03-08:

This is already fixed in master and the backport to rocky is in progress: https://review.openstack.org/613648

See bug #1798184 for more details.

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1798184 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.