Univention Bugzilla – Bug 53820
Searching for settings/data data=* binary property raises UnicodeDecodeError
Last modified: 2021-09-21 18:03:55 CEST
udm settings/data list --position ou=kenqyu3pzu,l=school,l=dev --filter=data=QlpoOTFBWSZTWb+txX8AAAAJgAxAGBAEgCAAMQwIIDNIHa4wni7kinChIX9biv4= udm settings/ldapacl list --position ou=kenqyu3pzu,l=school,l=dev --filter=data=QlpoOTFBWSZTWb+txX8AAAAJgAxAGBAEgCAAMQwIIDNIHa4wni7kinChIX9biv4= udm settings/ldapschema list --position ou=kenqyu3pzu,l=school,l=dev --filter=data=QlpoOTFBWSZTWb+txX8AAAAJgAxAGBAEgCAAMQwIIDNIHa4wni7kinChIX9biv4= udm settings/udm_hook list --position ou=kenqyu3pzu,l=school,l=dev --filter=data=QlpoOTFBWSZTWb+txX8AAAAJgAxAGBAEgCAAMQwIIDNIHa4wni7kinChIX9biv4= udm settings/udm_module list --position ou=kenqyu3pzu,l=school,l=dev --filter=data=QlpoOTFBWSZTWb+txX8AAAAJgAxAGBAEgCAAMQwIIDNIHa4wni7kinChIX9biv4= udm settings/udm_syntax list --position ou=kenqyu3pzu,l=school,l=dev --filter=data=QlpoOTFBWSZTWb+txX8AAAAJgAxAGBAEgCAAMQwIIDNIHa4wni7kinChIX9biv4= raises: Traceback (most recent call last): File "/usr/share/univention-directory-manager-tools/univention-cli-server", line 213, in doit output = univention.admincli.admin.doit(arglist) File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 380, in doit out = _doit(arglist) File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 657, in _doit out.extend(cli.list(list_policies, filter, superordinate_dn, policyOptions, policies_with_DN)) File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 689, in list return self._list(self.module_name, self.module, self.dn, self.lo, self.position, self.superordinate, *args, **kwargs) File "/usr/lib/python3/dist-packages/univention/admincli/admin.py", line 951, in _list for object in univention.admin.modules.lookup(module, None, lo, scope='sub', superordinate=superordinate, base=position.getDn(), filter=filter): File "/usr/lib/python3/dist-packages/univention/admin/modules.py", line 953, in lookup tmpres = module.lookup(co, lo, filter, base=base, superordinate=superordinate, scope=scope, unique=unique, required=required, timeout=timeout, sizelimit=sizelimit) File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 1773, in lookup filter_s = cls.lookup_filter(filter_s, lo) File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 1804, in lookup_filter filter_p.append_unmapped_filter_string(filter_s, cls.rewrite_filter, module.mapping) File "/usr/lib/python3/dist-packages/univention/admin/filter.py", line 124, in append_unmapped_filter_string walk(filter_p, rewrite_function, arg=mapping) File "/usr/lib/python3/dist-packages/univention/admin/filter.py", line 313, in walk expression_walk_function(filter_p, arg) File "/usr/lib/python3/dist-packages/univention/admin/handlers/__init__.py", line 1867, in rewrite_filter filter.value = mapping.mapValueDecoded(key, filter.value) File "/usr/lib/python3/dist-packages/univention/admin/mapping.py", line 564, in mapValueDecoded value = value.decode(*self.getEncoding(map_name)) UnicodeDecodeError: 'utf-8' codec can't decode byte 0xbf in position 10: invalid start byte The LDAP attributes univentionData, univentionLDAPACLData, univentionLDAPSchemaData, univentionUDMHookData, univentionUDMModuleData, univentionUDMSyntaxData are defined with SYNTAX=1.3.6.1.4.1.1466.115.121.1.5 - Binary syntax and without an EQUALITY matching rule. Therefore a search will never yield any results. And even if, afaik a LDAP search filter can only contain UTF-8 characters. So: 1. we should set `dontsearch=True` in the property description. 2. we should prevent that exception (by raising a invalid filter exception?). 3. we should specify an encoding in the mapping: ASCII (because of base64) for the property, nothing/ISO8859-1/etc. for the LDAP attribute.
Maybe it makes sense to raise this exception, equivalent to (un) mapValue() ? diff --git management/univention-directory-manager-modules/modules/univention/admin/mapping.py management/univention-directory-manager-modules/modules/univention/admin/mapping.py index 3c575728a7..83c05d8714 100644 --- management/univention-directory-manager-modules/modules/univention/admin/mapping.py +++ management/univention-directory-manager-modules/modules/univention/admin/mapping.py @@ -557,11 +557,14 @@ class mapping(object): def mapValueDecoded(self, map_name, value): value = self.mapValue(map_name, value) - if isinstance(value, (list, tuple)): - ud.debug(ud.ADMIN, ud.WARN, 'mapValueDecoded returns a list for %s. This is probably not wanted?' % map_name) - value = [val.decode(*self.getEncoding(map_name)) for val in value] - else: - value = value.decode(*self.getEncoding(map_name)) + try: + if isinstance(value, (list, tuple)): + ud.debug(ud.ADMIN, ud.WARN, 'mapValueDecoded returns a list for %s. This is probably not wanted?' % map_name) + value = [val.decode(*self.getEncoding(map_name)) for val in value] + else: + value = value.decode(*self.getEncoding(map_name)) + except UnicodeDecodeError: + raise univention.admin.uexceptions.valueInvalidSyntax(_('Invalid encoding for %s') % (map_name,)) return value def unmapValue(self, unmap_name, value):