From 4a2708c18e4b03b7677af70b396836685d1d577b Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Wed, 4 Jul 2018 11:38:34 +0200 Subject: [PATCH 7/7] backends/ldap: apply force_bytes inside all structured settings (fixes #23698) --- src/authentic2/backends/ldap_backend.py | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/authentic2/backends/ldap_backend.py b/src/authentic2/backends/ldap_backend.py index 30e640a7..44043689 100644 --- a/src/authentic2/backends/ldap_backend.py +++ b/src/authentic2/backends/ldap_backend.py @@ -58,6 +58,15 @@ for bundle_path in CA_BUNDLE_PATHS: break +def map_bytes(d): + if isinstance(d, six.string_types): + return force_bytes(d) + elif isinstance(d, (list, tuple)): + return d.__class__(map_bytes(x) for x in d) + elif isinstance(d, dict): + return {map_bytes(k): map_bytes(v) for k, v in d.iteritems()} + + class LDAPUser(get_user_model()): SESSION_LDAP_DATA_KEY = 'ldap-data' _changed = False @@ -1118,6 +1127,9 @@ class LDAPBackend(object): if not isinstance(cls._DEFAULTS[d], bool) and d in cls._REQUIRED and not block[d]: raise ImproperlyConfigured( 'LDAP_AUTH_SETTINGS: attribute %r is required but is empty') + # force_bytes all strings in iterable or dict + if isinstance(block[d], (list, tuple, dict)): + block[d] = map_bytes(block[d]) for i in cls._TO_ITERABLE: if isinstance(block[i], six.string_types): block[i] = (block[i],) -- 2.18.0