Files
@ 6f9970a36190
Branch filter:
Location: kallithea/scripts/make-release - annotation
6f9970a36190
2.4 KiB
text/plain
auth_ldap: fix interpretation of LDAP attributes in Python 3
The python-ldap module returns the LDAP attribute names as strings, and the
attribute values as arrays of bytes, e.g. for email:
'mail': [b'john.doe@example.com'],
See https://www.python-ldap.org/en/latest/bytes_mode.html, particularly:
https://www.python-ldap.org/en/latest/bytes_mode.html#what-s-text-and-what-s-bytes
Due to a missing conversion from bytes to unicode for the attribute values
obtained from LDAP, storing the values in a unicode field in the database would
fail. It would apparently either store a repr of the bytes or store them in
some other way.
Upon user login, SQLAlchemy warned about this:
.../sqlalchemy/sql/sqltypes.py:269: SAWarning: Unicode type received non-unicode bind param value b'John'. (this warning may be suppressed after 10 occurrences)
.../sqlalchemy/sql/sqltypes.py:269: SAWarning: Unicode type received non-unicode bind param value b'Doe'. (this warning may be suppressed after 10 occurrences)
In PostgreSQL, this would result in 'weird' values for first name, last
name, and email fields, both in the database and the web UI, e.g.
firstname: \x4a6f686e
lastname: \x446f65
email: \x6a6f686e406578616d706c652e636f6d
These values represent the actual values in hexadecimal, e.g.
\x4a6f686e = 0x4a 0x6f 0x68 0x6e = J o h n
In SQLite, the problem initially shows differently, as an exception in
gravatar_url():
File "_base_root_html", line 207, in render_body
File "_index_html", line 78, in render_header_menu
File "_base_base_html", line 479, in render_menu
File ".../kallithea/lib/helpers.py", line 908, in gravatar_div
gravatar(email_address, cls=cls, size=size)))
File ".../kallithea/lib/helpers.py", line 923, in gravatar
src = gravatar_url(email_address, size * 2)
File ".../kallithea/lib/helpers.py", line 956, in gravatar_url
.replace('{email}', email_address) \
TypeError: replace() argument 2 must be str, not bytes
but nevertheless the root cause of the problem is the same.
Fix the problem by converting the LDAP attributes from bytes to strings.
The python-ldap module returns the LDAP attribute names as strings, and the
attribute values as arrays of bytes, e.g. for email:
'mail': [b'john.doe@example.com'],
See https://www.python-ldap.org/en/latest/bytes_mode.html, particularly:
https://www.python-ldap.org/en/latest/bytes_mode.html#what-s-text-and-what-s-bytes
Due to a missing conversion from bytes to unicode for the attribute values
obtained from LDAP, storing the values in a unicode field in the database would
fail. It would apparently either store a repr of the bytes or store them in
some other way.
Upon user login, SQLAlchemy warned about this:
.../sqlalchemy/sql/sqltypes.py:269: SAWarning: Unicode type received non-unicode bind param value b'John'. (this warning may be suppressed after 10 occurrences)
.../sqlalchemy/sql/sqltypes.py:269: SAWarning: Unicode type received non-unicode bind param value b'Doe'. (this warning may be suppressed after 10 occurrences)
In PostgreSQL, this would result in 'weird' values for first name, last
name, and email fields, both in the database and the web UI, e.g.
firstname: \x4a6f686e
lastname: \x446f65
email: \x6a6f686e406578616d706c652e636f6d
These values represent the actual values in hexadecimal, e.g.
\x4a6f686e = 0x4a 0x6f 0x68 0x6e = J o h n
In SQLite, the problem initially shows differently, as an exception in
gravatar_url():
File "_base_root_html", line 207, in render_body
File "_index_html", line 78, in render_header_menu
File "_base_base_html", line 479, in render_menu
File ".../kallithea/lib/helpers.py", line 908, in gravatar_div
gravatar(email_address, cls=cls, size=size)))
File ".../kallithea/lib/helpers.py", line 923, in gravatar
src = gravatar_url(email_address, size * 2)
File ".../kallithea/lib/helpers.py", line 956, in gravatar_url
.replace('{email}', email_address) \
TypeError: replace() argument 2 must be str, not bytes
but nevertheless the root cause of the problem is the same.
Fix the problem by converting the LDAP attributes from bytes to strings.
d4f66ca15110 d4f66ca15110 d4f66ca15110 d4f66ca15110 f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa f5b5749113aa 89e9aef9b983 f5b5749113aa f5b5749113aa d06c0566cb23 22321950133a d06c0566cb23 d06c0566cb23 dba4e770d4b6 d06c0566cb23 d06c0566cb23 d4f66ca15110 d06c0566cb23 d06c0566cb23 d06c0566cb23 d06c0566cb23 d06c0566cb23 b70ad5c7e706 b70ad5c7e706 d06c0566cb23 d06c0566cb23 aa6f17a53b49 aa6f17a53b49 d4f66ca15110 d06c0566cb23 d4f66ca15110 d4f66ca15110 d4f66ca15110 d06c0566cb23 d4f66ca15110 d4f66ca15110 d06c0566cb23 8f51a05b9856 d06c0566cb23 d06c0566cb23 aa6f17a53b49 d06c0566cb23 08de75df7775 08de75df7775 08de75df7775 d06c0566cb23 d4f66ca15110 d06c0566cb23 d06c0566cb23 d06c0566cb23 d06c0566cb23 d06c0566cb23 d4f66ca15110 d06c0566cb23 d4f66ca15110 d06c0566cb23 d06c0566cb23 d4f66ca15110 d4f66ca15110 d4f66ca15110 d4f66ca15110 d4f66ca15110 d06c0566cb23 d4f66ca15110 d4f66ca15110 ecef27ac1ffa d4f66ca15110 d06c0566cb23 e4452268c09f d06c0566cb23 | #!/bin/bash
set -e
set -x
cleanup()
{
echo "Removing venv $venv"
rm -rf "$venv"
}
echo "Checking that you are NOT inside a virtualenv"
[ -z "$VIRTUAL_ENV" ]
venv=$(mktemp -d --tmpdir kallithea-release-XXXXX)
trap cleanup EXIT
echo "Setting up a fresh virtualenv in $venv"
python3 -m venv "$venv"
. "$venv/bin/activate"
echo "Install/verify tools needed for building and uploading stuff"
pip install --upgrade -e . -r dev_requirements.txt twine python-ldap python-pam
echo "Cleanup and update copyrights ... and clean checkout"
scripts/run-all-cleanup
scripts/update-copyrights.py
hg up -cr .
echo "Make release build from clean checkout in build/"
rm -rf build dist
hg archive build
cd build
echo "Check that each entry in MANIFEST.in match something"
sed -e 's/[^ ]*[ ]*\([^ ]*\).*/\1/g' MANIFEST.in | xargs ls -lad
echo "Build dist"
python3 setup.py compile_catalog
python3 setup.py sdist
echo "Verify VERSION from kallithea/__init__.py"
namerel=$(cd dist && echo Kallithea-*.tar.gz)
namerel=${namerel%.tar.gz}
version=${namerel#Kallithea-}
ls -l $(pwd)/dist/$namerel.tar.gz
echo "Releasing Kallithea $version in directory $namerel"
echo "Verify dist file content"
diff -u <((hg mani | grep -v '^\.hg\|^kallithea/i18n/en/LC_MESSAGES/kallithea.mo$') | LANG=C sort) <(tar tf dist/Kallithea-$version.tar.gz | sed "s|^$namerel/||" | grep . | grep -v '^kallithea/i18n/.*/LC_MESSAGES/kallithea.mo$\|^Kallithea.egg-info/\|^PKG-INFO$\|/$' | LANG=C sort)
echo "Verify docs build"
python3 setup.py build_sphinx # the results are not actually used, but we want to make sure it builds
echo "Shortlog for inclusion in the release announcement"
scripts/shortlog.py "only('.', branch('stable') & tagged() & public() & not '.')"
cat - << EOT
Now, make sure
* all tests are passing
* release note is ready
* announcement is ready
* source has been pushed to https://kallithea-scm.org/repos/kallithea
EOT
echo "Verify current revision is tagged for $version"
hg log -r "'$version'&." | grep .
echo -n "Enter \"pypi\" to upload Kallithea $version to pypi: "
read answer
[ "$answer" = "pypi" ]
echo "Rebuild readthedocs for docs.kallithea-scm.org"
xdg-open https://readthedocs.org/projects/kallithea/
curl -X POST http://readthedocs.org/build/kallithea
xdg-open https://readthedocs.org/projects/kallithea/builds
xdg-open http://docs.kallithea-scm.org/en/latest/ # or whatever the branch is
twine upload dist/*
xdg-open https://pypi.python.org/pypi/Kallithea
|