0001207: python-bareos do not work anymore after sslpsk improvement - Bareos Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0001207	bareos-core	General	public	2020-02-29 14:27	2022-07-13 11:54

Reporter	bigz	Assigned To	bruno-at-bareos
Priority	high	Severity	major	Reproducibility	always
Status	closed	Resolution	won't fix
Platform	Linux	OS	any	OS Version	5
Product Version	19.2.6

Summary	0001207: python-bareos do not work anymore after sslpsk improvement
Description	I have a crash when I use 19.2.6 version of python-version in a TLS-PSK configuration. Look at the crash message that come from sslpsk dependency => "CRITICAL Exception raised: <method 'do_handshake' of '_ssl._SSLSocket' objects> returned a result with an error set" sslpsk dependency introduce a use of binary use of identity and password (https://github.com/drbild/sslpsk/commit/802d1d9b8268217b28ee1f84176d4d1ae087f0bb) I do a fix in my fork github repo (https://github.com/bigzbigz/bareos/tree/dev/bigz/master/python-bareos-use-bytes-for-identity-and-password) I plan to push a pull request on the officiel repo in order to fix the problem. I need your opinion before.
Steps To Reproduce	build a venv with sslpsk master branch -> % git clone --quiet https://github.com/bareos/bareos.git -> % cd bareos/python-bareos -> % python setup.py --quiet install [master\|] zip_safe flag not set; analyzing archive contents... bareos.__pycache__.__init__.cpython-37: module references __file__ -> % git clone --quiet https://github.com/drbild/sslpsk.git -> % cd sslpsk -> % python setup.py --quiet install -> % pip list [test\|] Package Version --------------- ------- Click 7.0 elasticsearch 7.5.1 pip 20.0.2 python-bareos 18.2.5 python-dateutil 2.8.1 setuptools 39.0.1 six 1.14.0 sslpsk 1.0.0 urllib3 1.25.8 -> % cd ../bareos/python-bareos/bin -> % python bconsole.py -d --name bareos-dir --port 9101 --address bareos-dir -p $PASS --tls-psk-require [master\|] DEBUG bconsole.<module>: options: {'name': 'bareos-dir', 'password': 'VT4NzHnQ9w5SDid0', 'port': '9101', 'address': 'bareos-dir', 'protocolversion': 2, 'tls_psk_require': True} DEBUG lowlevel.__init__: init DEBUG lowlevel.__connect_plain: connected to bareos-dir:9101 DEBUG lowlevel.__connect_tls_psk: identity = R_CONSOLEbareos-dir, password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx TypeError: a bytes-like object is required, not 'str' The above exception was the direct cause of the following exception: Traceback (most recent call last): File "bconsole.py", line 34, in <module> director = bareos.bsock.DirectorConsole(**bareos_args) File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/directorconsole.py", line 120, in __init__ self.connect(address, port, dirname, ConnectionType.DIRECTOR, name, password) File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/lowlevel.py", line 108, in connect return self.__connect() File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/lowlevel.py", line 126, in __connect self.__connect_tls_psk() File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/lowlevel.py", line 206, in __connect_tls_psk server_side=False, File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/sslpsk-1.0.0-py3.7-linux-x86_64.egg/sslpsk/sslpsk.py", line 110, in wrap_socket sock.do_handshake() File "/home/mathieu/.pyenv/versions/3.7.1/lib/python3.7/ssl.py", line 1117, in do_handshake self._sslobj.do_handshake() SystemError: <method 'do_handshake' of '_ssl._SSLSocket' objects> returned a result with an error set
Additional Information	Director configuration: Director { Name = @@DIR_NAME@@-dir DIRport = 9101 # where we listen for UA connections QueryFile = "/usr/lib/bareos/scripts/query.sql" WorkingDirectory = "/var/spool/bareos" PidDirectory = "/var/run" Password = "@@DIR_PASSWORD@@" # Console password Messages = Daemon Auditing = yes TLS Enable = yes TLS Require = yes TLS DH File = /etc/ssl/dh1024.pem TLS CA Certificate File = /etc/ssl/certs/ca-bundle.crt TLS Key = /etc/ssl/private/client.key TLS Certificate = /etc/ssl/certs/client.pem }
Tags	No tags attached.

bigz 2020-03-09 20:31 reporter ~0003892	little up for this issue

khvalera 2022-05-28 19:31 reporter ~0004629 Last edited: 2022-05-28 19:48	This error appears when the python script can't connect, possibly the username or password is incorrect. login and password must match: /etc/bareos/bareos-dir.d/console/admin.conf name=admin password="123" #!/usr/bin/env python2 import bareos.bsock directorconsole=bareos.bsock.DirectorConsole(address='localhost', port=9101, name='admin', password='123') print(directorconsole.call('help').decode("utf-8"))

bigz 2022-06-01 21:31 reporter ~0004632	ok thank you

bruno-at-bareos 2022-07-13 11:51 manager ~0004661	I will close it due to lack of PR presented in our code. Feel free to reopen against current master with python3, if still needed.

bruno-at-bareos 2022-07-13 11:54 manager ~0004662	no PR presented in our github code repository. Feel free to reopen against current master with python3, if still needed.

Date Modified	Username	Field	Change
2020-02-29 14:27	bigz	New Issue
2020-03-09 20:31	bigz	Note Added: 0003892
2022-05-28 19:31	khvalera	Note Added: 0004629
2022-05-28 19:48	khvalera	Note Edited: 0004629
2022-06-01 21:31	bigz	Note Added: 0004632
2022-07-13 11:51	bruno-at-bareos	Note Added: 0004661
2022-07-13 11:54	bruno-at-bareos	Assigned To	=> bruno-at-bareos
2022-07-13 11:54	bruno-at-bareos	Status	new => closed
2022-07-13 11:54	bruno-at-bareos	Resolution	open => won't fix
2022-07-13 11:54	bruno-at-bareos	Note Added: 0004662