ETCD backend interprets everything as UTF-8 string which could lead to key collisions (besides other things) when being used with ldap connector
#4017
Open
3 tasks done
ProbstDJakob opened this issue
Mar 3, 2025
· 0 comments
I agree to follow the Code of Conduct that this project adheres to.
I have searched the issue tracker for an issue that matches the one I want to file, without success.
I am not looking for support or already pursued the available support channels without success.
Version
master
Storage Type
etcd
Installation Type
Other (specify below)
Expected Behavior
Either the ldap connector deserialises the values according to the schema or treats the values as binary data.
Actual Behavior
The etcd backend interprets everything as a UTF-8 string which could lead to key collisions when being used with the ldap connector. Though the ldap library suggests that EntryAttribute.Values returns an array of decoded strings (with the raw values in ByteValues), the values are actually always the same and may contain arbitrary byte values. In our case we tried to use objectSid as UserId but it is not deserialised and thus contains binary data. The etcd storage backend then serialises the value to JSON within txnCreate which replaces all invalid UTF-8 sequences with the replacement character U+FFFD (0xEFBFBD). This could then lead to key collisions as the value is being used as sub. This may also apply to other connectors/storage backends.
Steps To Reproduce
No response
Additional Information
No response
Configuration
Logs
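Added example, not part of the original issue or of the project's code: a Go sketch of the collision described above, where two distinct binary objectSid values become the same string after a JSON round trip, next to a decoder that turns the binary SID into its ASCII `S-1-...` form before it is stored. The helper names (`binarySID`, `roundTrip`, `sidString`), the `user_id` field and both SIDs are constructed for illustration.

```go
package main

import (
	"encoding/binary"
	"encoding/json"
	"fmt"
)

// binarySID builds a constructed objectSid: revision, count, 6-byte BE authority, LE sub-authorities.
func binarySID(authority uint64, subs ...uint32) []byte {
	b := []byte{1, byte(len(subs)), 0, 0, 0, 0, 0, 0}
	for i := 0; i < 6; i++ {
		b[2+i] = byte(authority >> (8 * (5 - i)))
	}
	for _, s := range subs {
		b = append(b, byte(s), byte(s>>8), byte(s>>16), byte(s>>24))
	}
	return b
}

// roundTrip writes an ID into a hypothetical JSON record and reads it back.
// encoding/json replaces every invalid UTF-8 byte with U+FFFD on the way out.
func roundTrip(id string) string {
	raw, _ := json.Marshal(map[string]string{"user_id": id})
	out := map[string]string{}
	_ = json.Unmarshal(raw, &out)
	return out["user_id"]
}

// sidString decodes the binary form to the textual S-1-... form, which is
// plain ASCII and therefore survives JSON unchanged.
func sidString(b []byte) (string, error) {
	if len(b) < 8 || b[0] != 1 || len(b) != 8+4*int(b[1]) {
		return "", fmt.Errorf("malformed SID (%d bytes)", len(b))
	}
	s := fmt.Sprintf("S-1-%d", binary.BigEndian.Uint64(append([]byte{0, 0}, b[2:8]...)))
	for i := 8; i < len(b); i += 4 {
		s += fmt.Sprintf("-%d", binary.LittleEndian.Uint32(b[i:]))
	}
	return s, nil
}

func main() {
	a, b := binarySID(5, 21, 1, 2, 3, 1152), binarySID(5, 21, 1, 2, 3, 1153) // constructed, differ only in the RID
	fmt.Println("raw bytes equal: ", string(a) == string(b))
	fmt.Println("after JSON equal:", roundTrip(string(a)) == roundTrip(string(b)))
	sa, _ := sidString(a)
	sb, _ := sidString(b)
	fmt.Println("decoded:", sa, sb)
}
```

The two RIDs differ only in a lone byte (0x80 versus 0x81) that is not valid UTF-8 by itself, so both are rewritten to U+FFFD and the stored identifiers compare equal.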