lyft / confidant

Confidant: your secret keeper. https://lyft.github.io/confidant


TypeError: from_buffer() cannot return the address of a unicode object

jrosco opened this issue

Seeing the following error running Confidant version 5.1.0 using Docker image lyft/confidant:5.1.0

Environment:

  • Running build from Docker container
  • Running version 5.1.0

Using the following SAML environment vars (these settings work in version 4):

USER_AUTH_MODULE=saml
SAML_SP_CERT_FILE=/srv/certificates/saml.sp.cert
SAML_SP_KEY_FILE=/srv/certificates/saml.sp.key
SAML_SECURITY_SLO_RESP_SIGNED=false
SAML_SECURITY_ASSERTIONS_SIGNED=true
SAML_IDP_CERT_FILE=/srv/certificates/saml.idp.cert
SAML_SECURITY_MESSAGES_SIGNED=false

Seeing a type error: TypeError: from_buffer() cannot return the address of a unicode object (see log below)

Log Output:

 [2019-10-15 20:47:02 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1)
 [2019-10-15 20:47:02 +0000] [1] [INFO] Using worker: gevent
 [2019-10-15 20:47:02 +0000] [9] [INFO] Booting worker with pid: 9
 [2019-10-15 20:47:02 +0000] [11] [INFO] Booting worker with pid: 11
 [2019-10-15 20:47:03 +0000] [9] [ERROR] Exception in worker process
 Traceback (most recent call last):
   File "/venv/lib/python3.6/site-packages/gunicorn/arbiter.py", line 583, in spawn_worker
     worker.init_process()
   File "/venv/lib/python3.6/site-packages/gunicorn/workers/ggevent.py", line 203, in init_process
     super(GeventWorker, self).init_process()
   File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 129, in init_process
     self.load_wsgi()
   File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 138, in load_wsgi
     self.wsgi = self.app.wsgi()
   File "/venv/lib/python3.6/site-packages/gunicorn/app/base.py", line 67, in wsgi
     self.callable = self.load()
   File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 52, in load
     return self.load_wsgiapp()
   File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 41, in load_wsgiapp
     return util.import_app(self.app_uri)
   File "/venv/lib/python3.6/site-packages/gunicorn/util.py", line 350, in import_app
     __import__(module)
   File "/srv/confidant/confidant/wsgi.py", line 4, in <module>
     from confidant import routes  # noqa
   File "/srv/confidant/confidant/routes/__init__.py", line 1, in <module>
     from confidant.routes import static_files  # noqa
   File "/srv/confidant/confidant/routes/static_files.py", line 7, in <module>
     from confidant import authnz
   File "/srv/confidant/confidant/authnz/__init__.py", line 25, in <module>
     user_mod = userauth.init_user_auth_class()
   File "/srv/confidant/confidant/authnz/userauth.py", line 47, in init_user_auth_class
     auth = module(*args, **kwargs)
   File "/srv/confidant/confidant/authnz/userauth.py", line 415, in __init__
     self.saml_config = self._render_saml_settings_dict()
   File "/srv/confidant/confidant/authnz/userauth.py", line 463, in _render_saml_settings_dict
     password=app.config.get('SAML_SP_KEY_FILE_PASSWORD'))
   File "/srv/confidant/confidant/authnz/userauth.py", line 424, in _load_rsa_for_saml
     password=password)
   File "/srv/confidant/confidant/lib/cryptolib.py", line 145, in load_private_key_pem_as_bare_base64
     load_private_key_pem(path, password=password))
   File "/srv/confidant/confidant/lib/cryptolib.py", line 128, in load_private_key_pem
     backend=default_backend())
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 16, in load_pem_private_key
     return backend.load_pem_private_key(data, password)
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1051, in load_pem_private_key
     password,
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1244, in _load_key
     mem_bio = self._bytes_to_bio(data)
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 468, in _bytes_to_bio
     data_ptr = self._ffi.from_buffer(data)
 TypeError: from_buffer() cannot return the address of a unicode object
 [2019-10-15 20:47:03 +0000] [9] [INFO] Worker exiting (pid: 9)
 [2019-10-15 20:47:04 +0000] [11] [ERROR] Exception in worker process
 Traceback (most recent call last):
   File "/venv/lib/python3.6/site-packages/gunicorn/arbiter.py", line 583, in spawn_worker
     worker.init_process()
   File "/venv/lib/python3.6/site-packages/gunicorn/workers/ggevent.py", line 203, in init_process
     super(GeventWorker, self).init_process()
   File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 129, in init_process
     self.load_wsgi()
   File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 138, in load_wsgi
     self.wsgi = self.app.wsgi()
   File "/venv/lib/python3.6/site-packages/gunicorn/app/base.py", line 67, in wsgi
     self.callable = self.load()
   File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 52, in load
     return self.load_wsgiapp()
   File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 41, in load_wsgiapp
     return util.import_app(self.app_uri)
   File "/venv/lib/python3.6/site-packages/gunicorn/util.py", line 350, in import_app
     __import__(module)
   File "/srv/confidant/confidant/wsgi.py", line 4, in <module>
     from confidant import routes  # noqa
   File "/srv/confidant/confidant/routes/__init__.py", line 1, in <module>
     from confidant.routes import static_files  # noqa
   File "/srv/confidant/confidant/routes/static_files.py", line 7, in <module>
     from confidant import authnz
   File "/srv/confidant/confidant/authnz/__init__.py", line 25, in <module>
     user_mod = userauth.init_user_auth_class()
   File "/srv/confidant/confidant/authnz/userauth.py", line 47, in init_user_auth_class
     auth = module(*args, **kwargs)
   File "/srv/confidant/confidant/authnz/userauth.py", line 415, in __init__
     self.saml_config = self._render_saml_settings_dict()
   File "/srv/confidant/confidant/authnz/userauth.py", line 463, in _render_saml_settings_dict
     password=app.config.get('SAML_SP_KEY_FILE_PASSWORD'))
   File "/srv/confidant/confidant/authnz/userauth.py", line 424, in _load_rsa_for_saml
     password=password)
   File "/srv/confidant/confidant/lib/cryptolib.py", line 145, in load_private_key_pem_as_bare_base64
     load_private_key_pem(path, password=password))
   File "/srv/confidant/confidant/lib/cryptolib.py", line 128, in load_private_key_pem
     backend=default_backend())
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 16, in load_pem_private_key
     return backend.load_pem_private_key(data, password)
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1051, in load_pem_private_key
     password,
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1244, in _load_key
     mem_bio = self._bytes_to_bio(data)
   File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 468, in _bytes_to_bio
     data_ptr = self._ffi.from_buffer(data)
 TypeError: from_buffer() cannot return the address of a unicode object
 [2019-10-15 20:47:04 +0000] [11] [INFO] Worker exiting (pid: 11)
 [2019-10-15 20:47:04 +0000] [1] [INFO] Shutting down: Master
 [2019-10-15 20:47:04 +0000] [1] [INFO] Reason: Worker failed to boot.

In py3 we should be opening that file as binary :/

Let me send in a fix

Merged fix, and tagged at 5.2.0. Should be in dockerhub now

Thanks for the bug report!
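The failure mode discussed in this thread, reading a PEM key in text mode versus binary mode on Python 3, as an added example (not Confidant's code or its actual fix). It assumes the `cryptography` package is installed; the function names, the throwaway key and the passphrase are constructed for illustration.

```python
import os
import tempfile

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa


def write_sample_key(path, password):
    # Constructed sample input: a throwaway RSA key, PEM-encoded and encrypted.
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    pem = key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.BestAvailableEncryption(password),
    )
    with open(path, "wb") as f:
        f.write(pem)
    return key


def load_key_text_mode(path, password=None):
    # Text mode returns str on Python 3. The loader needs a bytes-like
    # object, so handing it str raises TypeError before any parsing happens.
    with open(path, "r") as f:
        return serialization.load_pem_private_key(f.read(), password)


def load_key_binary_mode(path, password=None):
    # Binary mode returns bytes. The password must be bytes as well, and a
    # value read from app config or the environment is usually str.
    if isinstance(password, str):
        password = password.encode("utf-8")
    with open(path, "rb") as f:
        return serialization.load_pem_private_key(f.read(), password)


def demo():
    passphrase = "constructed-passphrase"  # sample value, not a real secret
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "saml.sp.key")
        original = write_sample_key(path, passphrase.encode("utf-8"))
        try:
            load_key_text_mode(path, passphrase.encode("utf-8"))
            outcome = "loaded"
        except TypeError:
            outcome = "TypeError"
        loaded = load_key_binary_mode(path, passphrase)
        same = loaded.public_key().public_numbers() == original.public_key().public_numbers()
        return outcome, same
```

The exact TypeError message varies between `cryptography` releases, so a startup check should catch the exception type rather than match on the message text.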