From 79ed42ee67915383242541329dd5aa186f087ff2 Mon Sep 17 00:00:00 2001 From: Raildo Mascena Date: Wed, 24 Jul 2019 10:20:17 -0300 Subject: [PATCH] Fix python3 compatibility on LDAP search DN from id In Python 3, python-ldap no longer allows bytes for some fields (DNs, RDNs, attribute names, queries). Instead, text values are represented as str, the Unicode text type. [1] More details about byte/str usage in python-ldap can be found at: http://www.python-ldap.org/en/latest/bytes_mode.html#bytes-mode Change-Id: I63e3715032cd8edb11fbff7651f5ba1af506dc9d Related-Bug: #1798184 (cherry picked from commit 03531a56910b12922afde32b40e270b7d68a334b) --- keystone/identity/backends/ldap/common.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/keystone/identity/backends/ldap/common.py b/keystone/identity/backends/ldap/common.py index 6b8750baaf..6f2be75d47 100644 --- a/keystone/identity/backends/ldap/common.py +++ b/keystone/identity/backends/ldap/common.py @@ -1284,9 +1284,8 @@ class BaseLdap(object): def _dn_to_id(self, dn): # Check if the naming attribute in the DN is the same as keystone's # configured 'id' attribute'. If so, extract the ID value from the DN - if self.id_attr == utf8_decode( - ldap.dn.str2dn(utf8_encode(dn))[0][0][0].lower()): - return utf8_decode(ldap.dn.str2dn(utf8_encode(dn))[0][0][1]) + if self.id_attr == ldap.dn.str2dn(dn)[0][0][0].lower(): + return ldap.dn.str2dn(dn)[0][0][1] else: # The 'ID' attribute is NOT in the DN, so we need to perform an # LDAP search to look it up from the user entry itself.