| 2018-10-16 19:21:02 |
Corey Bryant |
bug |
|
|
added bug |
| 2018-10-16 19:21:33 |
Corey Bryant |
summary |
PY3: python3-ldap does not allow bytes for no bytes for DN/RDN/field names |
PY3: python3-ldap does not allow bytes for DN/RDN/field names |
|
| 2018-10-16 19:50:14 |
Colleen Murphy |
keystone: status |
New |
Triaged |
|
| 2018-10-16 19:50:18 |
Colleen Murphy |
keystone: importance |
Undecided |
Medium |
|
| 2018-10-16 19:50:23 |
Colleen Murphy |
tags |
|
ldap |
|
| 2018-10-16 22:43:43 |
OpenStack Infra |
keystone: status |
Triaged |
In Progress |
|
| 2018-10-16 22:43:43 |
OpenStack Infra |
keystone: assignee |
|
Corey Bryant (corey.bryant) |
|
| 2018-10-17 17:14:17 |
Corey Bryant |
bug task added |
|
ldappool |
|
| 2018-10-31 18:18:16 |
OpenStack Infra |
tags |
ldap |
in-stable-queens ldap |
|
| 2018-12-26 21:07:00 |
tom king |
bug |
|
|
added subscriber tom king |
| 2019-01-30 22:43:59 |
OpenStack Infra |
keystone: status |
In Progress |
Fix Released |
|
| 2019-01-31 03:10:28 |
Lance Bragstad |
keystone: milestone |
|
stein-3 |
|
| 2019-01-31 13:42:34 |
Corey Bryant |
bug task added |
|
keystone (Ubuntu) |
|
| 2019-01-31 13:43:35 |
Corey Bryant |
nominated for series |
|
Ubuntu Disco |
|
| 2019-01-31 13:43:35 |
Corey Bryant |
bug task added |
|
keystone (Ubuntu Disco) |
|
| 2019-01-31 13:43:35 |
Corey Bryant |
nominated for series |
|
Ubuntu Cosmic |
|
| 2019-01-31 13:43:35 |
Corey Bryant |
bug task added |
|
keystone (Ubuntu Cosmic) |
|
| 2019-01-31 13:43:49 |
Corey Bryant |
keystone (Ubuntu Cosmic): status |
New |
Triaged |
|
| 2019-01-31 13:43:51 |
Corey Bryant |
keystone (Ubuntu Cosmic): importance |
Undecided |
High |
|
| 2019-01-31 13:43:54 |
Corey Bryant |
keystone (Ubuntu Disco): status |
New |
Triaged |
|
| 2019-01-31 13:43:56 |
Corey Bryant |
keystone (Ubuntu Disco): importance |
Undecided |
High |
|
| 2019-01-31 13:44:05 |
Corey Bryant |
bug task added |
|
cloud-archive |
|
| 2019-01-31 13:44:17 |
Corey Bryant |
nominated for series |
|
cloud-archive/rocky |
|
| 2019-01-31 13:44:17 |
Corey Bryant |
bug task added |
|
cloud-archive/rocky |
|
| 2019-01-31 13:44:17 |
Corey Bryant |
nominated for series |
|
cloud-archive/stein |
|
| 2019-01-31 13:44:17 |
Corey Bryant |
bug task added |
|
cloud-archive/stein |
|
| 2019-01-31 13:44:25 |
Corey Bryant |
cloud-archive/rocky: status |
New |
Triaged |
|
| 2019-01-31 13:44:27 |
Corey Bryant |
cloud-archive/stein: status |
New |
Triaged |
|
| 2019-01-31 13:44:29 |
Corey Bryant |
cloud-archive/rocky: importance |
Undecided |
High |
|
| 2019-01-31 13:44:31 |
Corey Bryant |
cloud-archive/stein: importance |
Undecided |
High |
|
| 2019-01-31 13:44:59 |
Corey Bryant |
bug task added |
|
python-ldappool (Ubuntu) |
|
| 2019-01-31 13:45:09 |
Corey Bryant |
python-ldappool (Ubuntu Cosmic): importance |
Undecided |
High |
|
| 2019-01-31 13:45:25 |
Corey Bryant |
python-ldappool (Ubuntu Cosmic): status |
New |
Triaged |
|
| 2019-01-31 13:45:39 |
Corey Bryant |
python-ldappool (Ubuntu Disco): importance |
Undecided |
High |
|
| 2019-01-31 13:45:39 |
Corey Bryant |
python-ldappool (Ubuntu Disco): status |
New |
Triaged |
|
| 2019-01-31 13:47:30 |
Corey Bryant |
ldappool: status |
New |
Fix Released |
|
| 2019-03-07 15:30:32 |
Dmitrii Shcherbakov |
bug |
|
|
added subscriber Dmitrii Shcherbakov |
| 2019-03-07 17:53:41 |
Syed Mohammad Adnan Karim |
bug |
|
|
added subscriber Syed Mohammad Adnan Karim |
| 2019-03-07 19:28:17 |
Narinder Gupta |
tags |
in-stable-queens ldap |
cpe-onsite in-stable-queens ldap |
|
| 2019-03-07 19:45:03 |
Narinder Gupta |
tags |
cpe-onsite in-stable-queens ldap |
cpe-onsite field-critical in-stable-queens ldap |
|
| 2019-03-07 22:57:21 |
Narinder Gupta |
bug |
|
|
added subscriber Canonical Field Critical |
| 2019-03-08 14:15:30 |
Corey Bryant |
python-ldappool (Ubuntu Disco): status |
Triaged |
Fix Released |
|
| 2019-03-08 14:16:04 |
Corey Bryant |
keystone (Ubuntu Disco): status |
Triaged |
Fix Released |
|
| 2019-03-08 14:16:17 |
Corey Bryant |
cloud-archive/stein: status |
Triaged |
Fix Released |
|
| 2019-03-09 18:12:30 |
Michael Iatrou |
bug |
|
|
added subscriber Michael Iatrou |
| 2019-03-11 19:12:25 |
Jason Hobbs |
bug |
|
|
added subscriber Jason Hobbs |
| 2019-03-13 14:49:52 |
Corey Bryant |
summary |
PY3: python3-ldap does not allow bytes for DN/RDN/field names |
[SRU] PY3: python3-ldap does not allow bytes for DN/RDN/field names |
|
| 2019-03-13 14:54:27 |
Corey Bryant |
description |
Under Python 2, python-ldap uses bytes by default. Under Python 3 this is removed and bytes aren't allowed for DN/RDN/field names.
More details are here: http://www.python-ldap.org/en/latest/bytes_mode.html#bytes-mode
and here: https://github.com/python-ldap/python-ldap/blob/python-ldap-3.1.0/Lib/ldap/ldapobject.py#L111
== initial traceback ==
Here's the initial traceback from the failure: https://paste.ubuntu.com/p/67THZb2m5m/
The last bit of the error is:
File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 314, in _ldap_call
result = func(*args,**kwargs)
TypeError: simple_bind() argument 1 must be str or None, not bytes
A closer look at func shows:
func=<built-in method simple_bind of LDAP object at 0x7f9d0177b760>
args=(b'cn=admin,dc=test,dc=com', b'crapper', None, None)
== keystone ldap backend use of python-ldap ==
In simple_bind_s() of keystone's ldap backend, who and cred are encoded as byte strings:
https://github.com/openstack/keystone/blob/14.0.0/keystone/identity/backends/ldap/common.py#L885
but that appears to no longer be valid use of python-ldap for py3. |
[Impact]
Keystone LDAP backend doesn't work for PY3.
Under Python 2, python-ldap uses bytes by default. Under Python 3 this is removed and bytes aren't allowed for DN/RDN/field names.
More details are here: http://www.python-ldap.org/en/latest/bytes_mode.html#bytes-mode
and here: https://github.com/python-ldap/python-ldap/blob/python-ldap-3.1.0/Lib/ldap/ldapobject.py#L111
== initial traceback ==
Here's the initial traceback from the failure: https://paste.ubuntu.com/p/67THZb2m5m/
The last bit of the error is:
File "/usr/lib/python3/dist-packages/ldap/ldapobject.py", line 314, in _ldap_call
result = func(*args,**kwargs)
TypeError: simple_bind() argument 1 must be str or None, not bytes
A closer look at func shows:
func=<built-in method simple_bind of LDAP object at 0x7f9d0177b760>
args=(b'cn=admin,dc=test,dc=com', b'crapper', None, None)
== keystone ldap backend use of python-ldap ==
In simple_bind_s() of keystone's ldap backend, who and cred are encoded as byte strings:
https://github.com/openstack/keystone/blob/14.0.0/keystone/identity/backends/ldap/common.py#L885
but that appears to no longer be valid use of python-ldap for py3.
[Test Case]
Run charm-keystone-ldap functional tests for OpenStack Rocky or above.
[Regression Potential]
The only regression potential would be for PY2 code paths. PY3 code paths never worked for keystone's LDAP backend. The approach to the patch have purposefully minimized amount of code required and therefore regression potential for PY2. Note that Rocky for Ubuntu supports PY2 but as of Stein Ubuntu has dropped PY2 support. |
|
| 2019-03-13 17:49:55 |
Corey Bryant |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2019-03-14 18:23:15 |
Ryan Beisner |
bug |
|
|
added subscriber Ryan Beisner |
| 2019-03-14 21:30:03 |
Brian Murray |
python-ldappool (Ubuntu Cosmic): status |
Triaged |
Fix Committed |
|
| 2019-03-14 21:30:09 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
| 2019-03-14 21:30:17 |
Brian Murray |
tags |
cpe-onsite field-critical in-stable-queens ldap |
cpe-onsite field-critical in-stable-queens ldap verification-needed verification-needed-cosmic |
|
| 2019-03-14 21:32:54 |
Brian Murray |
keystone (Ubuntu Cosmic): status |
Triaged |
Fix Committed |
|
| 2019-03-15 19:48:15 |
Corey Bryant |
tags |
cpe-onsite field-critical in-stable-queens ldap verification-needed verification-needed-cosmic |
cpe-onsite field-critical in-stable-queens ldap verification-failed verification-failed-cosmic |
|
| 2019-03-19 21:07:36 |
Brian Murray |
tags |
cpe-onsite field-critical in-stable-queens ldap verification-failed verification-failed-cosmic |
cpe-onsite field-critical in-stable-queens ldap verification-needed verification-needed-cosmic |
|
| 2019-03-19 22:46:11 |
Corey Bryant |
cloud-archive: status |
Fix Released |
Fix Committed |
|
| 2019-03-19 22:46:18 |
Corey Bryant |
cloud-archive/rocky: status |
Triaged |
Fix Committed |
|
| 2019-03-20 08:16:04 |
Colleen Murphy |
nominated for series |
|
keystone/stein |
|
| 2019-03-20 08:16:04 |
Colleen Murphy |
bug task added |
|
keystone/stein |
|
| 2019-03-20 08:16:04 |
Colleen Murphy |
nominated for series |
|
keystone/rocky |
|
| 2019-03-20 08:16:04 |
Colleen Murphy |
bug task added |
|
keystone/rocky |
|
| 2019-03-20 14:18:54 |
Corey Bryant |
tags |
cpe-onsite field-critical in-stable-queens ldap verification-needed verification-needed-cosmic |
cpe-onsite field-critical in-stable-queens ldap verification-done verification-done-cosmic |
|
| 2019-03-20 14:19:13 |
Corey Bryant |
keystone/rocky: status |
New |
Fix Committed |
|
| 2019-03-20 14:25:18 |
Corey Bryant |
cloud-archive/rocky: status |
Fix Committed |
Fix Released |
|
| 2019-03-20 14:35:09 |
Corey Bryant |
keystone/rocky: status |
Fix Committed |
Fix Released |
|
| 2019-03-20 14:36:15 |
Corey Bryant |
keystone/rocky: status |
Fix Released |
Fix Committed |
|
| 2019-03-20 14:36:51 |
Corey Bryant |
cloud-archive/stein: status |
Fix Committed |
Fix Released |
|
| 2019-03-26 13:45:15 |
Corey Bryant |
keystone/rocky: status |
Fix Committed |
Fix Released |
|
| 2019-04-01 11:40:16 |
Launchpad Janitor |
python-ldappool (Ubuntu Cosmic): status |
Fix Committed |
Fix Released |
|
| 2019-04-01 11:50:30 |
Launchpad Janitor |
keystone (Ubuntu Cosmic): status |
Fix Committed |
Fix Released |
|
| 2019-06-11 12:36:58 |
Edward Hope-Morley |
tags |
cpe-onsite field-critical in-stable-queens ldap verification-done verification-done-cosmic |
cpe-onsite field-critical in-stable-queens ldap py3 verification-done verification-done-cosmic |
|
