From e8b04cc4265d672214da50b99ead8c4f8cc49aa2 Mon Sep 17 00:00:00 2001 From: Corey Bryant Date: Wed, 30 Oct 2019 08:49:24 -0400 Subject: [PATCH] Revert "Fix python3 compatibility on LDAP search DN from id" This reverts commit 79ed42ee67915383242541329dd5aa186f087ff2, which shouldn't have been backported to stable/queens because the following patch, which switched to bytes_mode=False, doesn't exist in stable/queens: https://review.opendev.org/#/c/613648/. Change-Id: I3c0fe74559f1bbf66f717fbaeb1e1dd435e7eb2c Closes-Bug: #1850634 --- keystone/identity/backends/ldap/common.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/keystone/identity/backends/ldap/common.py b/keystone/identity/backends/ldap/common.py index 6f2be75d47..6b8750baaf 100644 --- a/keystone/identity/backends/ldap/common.py +++ b/keystone/identity/backends/ldap/common.py @@ -1284,8 +1284,9 @@ class BaseLdap(object): def _dn_to_id(self, dn): # Check if the naming attribute in the DN is the same as keystone's # configured 'id' attribute'. If so, extract the ID value from the DN - if self.id_attr == ldap.dn.str2dn(dn)[0][0][0].lower(): - return ldap.dn.str2dn(dn)[0][0][1] + if self.id_attr == utf8_decode( + ldap.dn.str2dn(utf8_encode(dn))[0][0][0].lower()): + return utf8_decode(ldap.dn.str2dn(utf8_encode(dn))[0][0][1]) else: # The 'ID' attribute is NOT in the DN, so we need to perform an # LDAP search to look it up from the user entry itself.