Merge pull request #1644 from coreos-inc/ldap-fix

Fix LDAP DN building for empty RDN list
2016-07-22 14:45:04 -04:00 · 2016-07-22 14:45:04 -04:00 · 9fb9b14e6c
commit 9fb9b14e6c
parent ca57928b77
2 changed files with 29 additions and 2 deletions
--- a/data/users/externalldap.py
+++ b/data/users/externalldap.py
@ -60,8 +60,13 @@ class LDAPUsers(FederatedUsers):
    # Note: user_rdn is a list of RDN pieces (for historical reasons), and secondary_user_rds
    # is a list of RDN strings.
    relative_user_dns = [','.join(user_rdn)] + (secondary_user_rdns or [])
-    self._user_dns = [','.join(relative_dn.split(',') + base_dn)
-                      for relative_dn in relative_user_dns]
+
+    def get_full_rdn(relative_dn):
+      prefix = relative_dn.split(',') if relative_dn else []
+      return ','.join(prefix + base_dn)
+
+    # Create the set of full DN paths.
+    self._user_dns = [get_full_rdn(relative_dn) for relative_dn in relative_user_dns]

  def _get_ldap_referral_dn(self, referral_exception):
    logger.debug('Got referral: %s', referral_exception.args[0])