diff -Nru keystone-13.0.2/debian/changelog keystone-13.0.2/debian/changelog --- keystone-13.0.2/debian/changelog 2019-09-18 09:21:54.000000000 +0000 +++ keystone-13.0.2/debian/changelog 2019-10-30 12:55:58.000000000 +0000 @@ -1,3 +1,10 @@ +keystone (2:13.0.2-0ubuntu3) bionic; urgency=medium + + * d/p/0002-fixing-dn-to-id.patch: Dropped. This patch shouldn't have + been backported to stable/queens (LP: #1850634). + + -- Corey Bryant Wed, 30 Oct 2019 08:55:58 -0400 + keystone (2:13.0.2-0ubuntu2) bionic; urgency=medium * d/p/000*-fixing-dn-to-id.patch: Fix LDAP backend's dn_to_id function diff -Nru keystone-13.0.2/debian/patches/0002-fixing-dn-to-id.patch keystone-13.0.2/debian/patches/0002-fixing-dn-to-id.patch --- keystone-13.0.2/debian/patches/0002-fixing-dn-to-id.patch 2019-09-18 09:21:54.000000000 +0000 +++ keystone-13.0.2/debian/patches/0002-fixing-dn-to-id.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,38 +0,0 @@ -From 79ed42ee67915383242541329dd5aa186f087ff2 Mon Sep 17 00:00:00 2001 -From: Raildo Mascena -Date: Wed, 24 Jul 2019 10:20:17 -0300 -Subject: [PATCH] Fix python3 compatibility on LDAP search DN from id - -In Python 3, python-ldap no longer allows bytes for some fields (DNs, -RDNs, attribute names, queries). Instead, text values are represented -as str, the Unicode text type. - -[1] More details about byte/str usage in python-ldap can be found at: -http://www.python-ldap.org/en/latest/bytes_mode.html#bytes-mode - -Change-Id: I63e3715032cd8edb11fbff7651f5ba1af506dc9d -Related-Bug: #1798184 -(cherry picked from commit 03531a56910b12922afde32b40e270b7d68a334b) ---- - keystone/identity/backends/ldap/common.py | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/keystone/identity/backends/ldap/common.py b/keystone/identity/backends/ldap/common.py -index 6b8750baa..6f2be75d4 100644 ---- a/keystone/identity/backends/ldap/common.py -+++ b/keystone/identity/backends/ldap/common.py -@@ -1284,9 +1284,8 @@ class BaseLdap(object): - def _dn_to_id(self, dn): - # Check if the naming attribute in the DN is the same as keystone's - # configured 'id' attribute'. If so, extract the ID value from the DN -- if self.id_attr == utf8_decode( -- ldap.dn.str2dn(utf8_encode(dn))[0][0][0].lower()): -- return utf8_decode(ldap.dn.str2dn(utf8_encode(dn))[0][0][1]) -+ if self.id_attr == ldap.dn.str2dn(dn)[0][0][0].lower(): -+ return ldap.dn.str2dn(dn)[0][0][1] - else: - # The 'ID' attribute is NOT in the DN, so we need to perform an - # LDAP search to look it up from the user entry itself. --- -2.20.1 - diff -Nru keystone-13.0.2/debian/patches/series keystone-13.0.2/debian/patches/series --- keystone-13.0.2/debian/patches/series 2019-09-18 09:21:54.000000000 +0000 +++ keystone-13.0.2/debian/patches/series 2019-10-30 12:55:58.000000000 +0000 @@ -2,4 +2,3 @@ add-version-info.patch add-missing-manifest.patch 0001-fixing-dn-to-id.patch -0002-fixing-dn-to-id.patch