Login using LDAP fails on the latest Debian versions

[JosephKiranBabu]

environment: Debian testing (Buster)
matrix-synapse package version: 0.99.1.1-1
matrix-syanpse-ldap3 package version: 0.1.3-4

Logging in using an LDAP user's credentials fails on the latest versions of the packages available on Debian testing.

Feb 25 07:12:26 freedombox synapse[11329]: synapse.handlers.presence: [] Handling presence timeouts
Feb 25 07:12:27 freedombox synapse[11329]: synapse.access.http.8008: [OPTIONS-1] ::1 - 8008 - Received request: OPTIONS /_matrix/client/r0/login
Feb 25 07:12:27 freedombox synapse[11329]: synapse.access.http.8008: [OPTIONS-1] ::1 - 8008 - {None} Processed request: 0.001sec/0.000sec (0.000sec, 0.000sec) (0.000sec/0.000sec/0) 22B 200 "OPTIONS /_matrix/cli
Feb 25 07:12:27 freedombox synapse[11329]: synapse.access.http.8008: [POST-2] ::1 - 8008 - Received request: POST /_matrix/client/r0/login
Feb 25 07:12:27 freedombox synapse[11329]: synapse.rest.client.v1.login: [POST-2] Got login request with identifier: {'type': 'm.id.user', 'user': 'tester'}, medium: None, address: None, user: 'tester'
Feb 25 07:12:27 freedombox synapse[11329]: synapse.storage._base: [] Starting db txn 'get_users_by_id_case_insensitive' from sentinel context
Feb 25 07:12:27 freedombox synapse[11329]: synapse.storage._base: [] Starting db connection from sentinel context: metrics will be lost
Feb 25 07:12:27 freedombox synapse[11329]: synapse.metrics: [] Collecting gc 0
Feb 25 07:12:27 freedombox synapse[11329]: synapse.handlers.auth: [] Attempted to login as @tester:mybox.me but they do not exist
Feb 25 07:12:27 freedombox synapse[11329]: synapse.http.server: [] Failed handle request via <function JsonResource._async_render at 0x7fd008a03488>: <SynapseRequest at 0x7fd0053bdb70 method='POST' uri='/_matri
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 654, in _runCallbacks
                                               current.result = callback(current.result, *args, **kw)
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 1475, in gotResult
                                               _inlineCallbacks(r, g, status)
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
                                               result = result.throwExceptionIntoGenerator(g)
                                             File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
                                               return g.throw(self.type, self.value, self.tb)
                                           --- <exception caught here> ---
                                             File "/usr/lib/python3/dist-packages/synapse/http/server.py", line 81, in wrapped_request_handler
                                               yield h(self, request)
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
                                               result = result.throwExceptionIntoGenerator(g)
                                             File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
                                               return g.throw(self.type, self.value, self.tb)
                                             File "/usr/lib/python3/dist-packages/synapse/http/server.py", line 316, in _async_render
                                               callback_return = yield callback(request, **kwargs)
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
                                               result = result.throwExceptionIntoGenerator(g)
                                             File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
                                               return g.throw(self.type, self.value, self.tb)
                                             File "/usr/lib/python3/dist-packages/synapse/rest/client/v1/login.py", line 140, in on_POST
                                               result = yield self._do_other_login(login_submission)
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
                                               result = result.throwExceptionIntoGenerator(g)
                                             File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
                                               return g.throw(self.type, self.value, self.tb)
                                             File "/usr/lib/python3/dist-packages/synapse/rest/client/v1/login.py", line 220, in _do_other_login
                                               login_submission,
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
                                               result = result.throwExceptionIntoGenerator(g)
                                             File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
                                               return g.throw(self.type, self.value, self.tb)
                                             File "/usr/lib/python3/dist-packages/synapse/handlers/auth.py", line 664, in validate_login
                                               qualified_user_id, password,
                                             File "/usr/lib/python3/dist-packages/twisted/internet/defer.py", line 1416, in _inlineCallbacks
                                               result = result.throwExceptionIntoGenerator(g)
                                             File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
                                               return g.throw(self.type, self.value, self.tb)
                                             File "/usr/lib/python3/dist-packages/ldap_auth_provider.py", line 172, in check_password
                                               self.ldap_attributes['mail']
                                             File "/usr/lib/python3/dist-packages/twisted/python/threadpool.py", line 250, in inContext
                                               result = inContext.theWork()
                                             File "/usr/lib/python3/dist-packages/twisted/python/threadpool.py", line 266, in <lambda>
                                               inContext.theWork = lambda: context.call(ctx, func, *args, **kw)
                                             File "/usr/lib/python3/dist-packages/twisted/python/context.py", line 122, in callWithContext
                                               return self.currentContext().callWithContext(ctx, func, *args, **kw)
                                             File "/usr/lib/python3/dist-packages/twisted/python/context.py", line 85, in callWithContext
                                               return func(*args,**kw)
                                             File "/usr/lib/python3/dist-packages/ldap3/core/connection.py", line 772, in search
                                               check_names=self.check_names)
                                             File "/usr/lib/python3/dist-packages/ldap3/operation/search.py", line 375, in search_operation
                                               request['attributes'] = build_attribute_selection(attributes, schema)
                                             File "/usr/lib/python3/dist-packages/ldap3/operation/search.py", line 311, in build_attribute_selection
                                               attribute_selection[index] = Selector(attribute)
                                             File "/usr/lib/python3/dist-packages/pyasn1/type/univ.py", line 819, in __init__
                                               base.AbstractSimpleAsn1Item.__init__(self, value, **kwargs)
                                             File "/usr/lib/python3/dist-packages/pyasn1/type/base.py", line 240, in __init__
                                               value = self.prettyIn(value)
                                             File "/usr/lib/python3/dist-packages/pyasn1/type/univ.py", line 878, in prettyIn
                                               return bytes(value)
                                               result = result.throwExceptionIntoGenerator(g)
                                             File "/usr/lib/python3/dist-packages/twisted/python/failure.py", line 491, in throwExceptionIntoGenerator
                                               return g.throw(self.type, self.value, self.tb)
                                             File "/usr/lib/python3/dist-packages/ldap_auth_provider.py", line 172, in check_password
                                               self.ldap_attributes['mail']
                                             File "/usr/lib/python3/dist-packages/twisted/python/threadpool.py", line 250, in inContext
                                               result = inContext.theWork()
                                             File "/usr/lib/python3/dist-packages/twisted/python/threadpool.py", line 266, in <lambda>
                                               inContext.theWork = lambda: context.call(ctx, func, *args, **kw)
                                             File "/usr/lib/python3/dist-packages/twisted/python/context.py", line 122, in callWithContext
                                               return self.currentContext().callWithContext(ctx, func, *args, **kw)
                                             File "/usr/lib/python3/dist-packages/twisted/python/context.py", line 85, in callWithContext
                                               return func(*args,**kw)
                                             File "/usr/lib/python3/dist-packages/ldap3/core/connection.py", line 772, in search
                                               check_names=self.check_names)
                                             File "/usr/lib/python3/dist-packages/ldap3/operation/search.py", line 375, in search_operation
                                               request['attributes'] = build_attribute_selection(attributes, schema)
                                             File "/usr/lib/python3/dist-packages/ldap3/operation/search.py", line 311, in build_attribute_selection
                                               attribute_selection[index] = Selector(attribute)
                                             File "/usr/lib/python3/dist-packages/pyasn1/type/univ.py", line 819, in __init__
                                               base.AbstractSimpleAsn1Item.__init__(self, value, **kwargs)
                                             File "/usr/lib/python3/dist-packages/pyasn1/type/base.py", line 240, in __init__
                                               value = self.prettyIn(value)
                                             File "/usr/lib/python3/dist-packages/pyasn1/type/univ.py", line 878, in prettyIn
                                               return bytes(value)
                                           builtins.TypeError: cannot convert 'NoneType' object to bytes
Feb 25 07:12:27 freedombox synapse[11329]: synapse.access.http.8008: [POST-2] ::1 - 8008 - {None} Processed request: 0.009sec/0.000sec (0.000sec, 0.002sec) (0.000sec/0.000sec/0) 67B 500 "POST /_matrix/client/r0

This has nothing to do with Let's Encrypt certificates. I did a similar test with a valid domain name and LE certificate here - https://salsa.debian.org/freedombox-team/plinth/issues/1484

[JosephKiranBabu]

I was setting the mail attribute in the LDAP configuration to null in homesever.yaml. Setting it to '' fixed the issue.