View Issue Details

IDProjectCategoryView StatusLast Update
0001207bareos-core[All Projects] Generalpublic2020-06-09 11:04
ReporterbigzAssigned To 
PriorityhighSeveritymajorReproducibilityalways
Status newResolutionopen 
PlatformLinuxOSanyOS Version5
Product Version19.2.6 
Fixed in Version 
Summary0001207: python-bareos do not work anymore after sslpsk improvement
DescriptionI have a crash when I use 19.2.6 version of python-version in a TLS-PSK configuration.
Look at the crash message that come from sslpsk dependency => "CRITICAL Exception raised: <method 'do_handshake' of '_ssl._SSLSocket' objects> returned a result with an error set"
sslpsk dependency introduce a use of binary use of identity and password (https://github.com/drbild/sslpsk/commit/802d1d9b8268217b28ee1f84176d4d1ae087f0bb)

I do a fix in my fork github repo (https://github.com/bigzbigz/bareos/tree/dev/bigz/master/python-bareos-use-bytes-for-identity-and-password)

I plan to push a pull request on the officiel repo in order to fix the problem. I need your opinion before.
Steps To Reproducebuild a venv with sslpsk master branch

-> % git clone --quiet https://github.com/bareos/bareos.git
-> % cd bareos/python-bareos
-> % python setup.py --quiet install [master|]
zip_safe flag not set; analyzing archive contents...
bareos.__pycache__.__init__.cpython-37: module references __file__
-> % git clone --quiet https://github.com/drbild/sslpsk.git
-> % cd sslpsk
-> % python setup.py --quiet install
-> % pip list [test|]
Package Version
--------------- -------
Click 7.0
elasticsearch 7.5.1
pip 20.0.2
python-bareos 18.2.5
python-dateutil 2.8.1
setuptools 39.0.1
six 1.14.0
sslpsk 1.0.0
urllib3 1.25.8
-> % cd ../bareos/python-bareos/bin
-> % python bconsole.py -d --name bareos-dir --port 9101 --address bareos-dir -p $PASS --tls-psk-require [master|]
DEBUG bconsole.<module>: options: {'name': 'bareos-dir', 'password': 'VT4NzHnQ9w5SDid0', 'port': '9101', 'address': 'bareos-dir', 'protocolversion': 2, 'tls_psk_require': True}
DEBUG lowlevel.__init__: init
DEBUG lowlevel.__connect_plain: connected to bareos-dir:9101
DEBUG lowlevel.__connect_tls_psk: identity = R_CONSOLEbareos-dir, password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
TypeError: a bytes-like object is required, not 'str'

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "bconsole.py", line 34, in <module>
    director = bareos.bsock.DirectorConsole(**bareos_args)
  File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/directorconsole.py", line 120, in __init__
    self.connect(address, port, dirname, ConnectionType.DIRECTOR, name, password)
  File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/lowlevel.py", line 108, in connect
    return self.__connect()
  File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/lowlevel.py", line 126, in __connect
    self.__connect_tls_psk()
  File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/python_bareos-18.2.5-py3.7.egg/bareos/bsock/lowlevel.py", line 206, in __connect_tls_psk
    server_side=False,
  File "/home/mathieu/.pyenv/versions/test-bareos/lib/python3.7/site-packages/sslpsk-1.0.0-py3.7-linux-x86_64.egg/sslpsk/sslpsk.py", line 110, in wrap_socket
    sock.do_handshake()
  File "/home/mathieu/.pyenv/versions/3.7.1/lib/python3.7/ssl.py", line 1117, in do_handshake
    self._sslobj.do_handshake()
SystemError: <method 'do_handshake' of '_ssl._SSLSocket' objects> returned a result with an error set


Additional Information    Director configuration:
Director {
  Name = @@DIR_NAME@@-dir
  DIRport = 9101 # where we listen for UA connections
  QueryFile = "/usr/lib/bareos/scripts/query.sql"
  WorkingDirectory = "/var/spool/bareos"
  PidDirectory = "/var/run"
  Password = "@@DIR_PASSWORD@@" # Console password
  Messages = Daemon
  Auditing = yes
  TLS Enable = yes
  TLS Require = yes
  TLS DH File = /etc/ssl/dh1024.pem
  TLS CA Certificate File = /etc/ssl/certs/ca-bundle.crt
  TLS Key = /etc/ssl/private/client.key
  TLS Certificate = /etc/ssl/certs/client.pem
}
TagsNo tags attached.
bareos-master: impact
bareos-master: action
bareos-19.2: impact
bareos-19.2: action
bareos-18.2: impact
bareos-18.2: action
bareos-17.2: impact
bareos-17.2: action
bareos-16.2: impact
bareos-16.2: action
bareos-15.2: impact
bareos-15.2: action
bareos-14.2: impact
bareos-14.2: action
bareos-13.2: impact
bareos-13.2: action
bareos-12.4: impact
bareos-12.4: action

Activities

bigz

bigz

2020-03-09 20:31

reporter   ~0003892

little up for this issue

Issue History

Date Modified Username Field Change
2020-02-29 14:27 bigz New Issue
2020-03-09 20:31 bigz Note Added: 0003892