TypeError: from_buffer() cannot return the address of a unicode object
jrosco opened this issue · comments
Joel commented
Seeing the following error running Confidant version 5.1.0 using Docker image lyft/confidant:5.1.0
Environment:
- Running build from Docker container
- Running version 5.1.0
Using the following SAML Environment Vars set (these settings work in version 4)
USER_AUTH_MODULE=saml
SAML_SP_CERT_FILE=/srv/certificates/saml.sp.cert
SAML_SP_KEY_FILE=/srv/certificates/saml.sp.key
SAML_SECURITY_SLO_RESP_SIGNED=false
SAML_SECURITY_ASSERTIONS_SIGNED=true
SAML_IDP_CERT_FILE=/srv/certificates/saml.idp.cert
SAML_SECURITY_MESSAGES_SIGNED=false
Seeing a type error TypeError: from_buffer() cannot return the address of a unicode object
Error (see below log)
Log Output:
[2019-10-15 20:47:02 +0000] [1] [INFO] Listening at: http://0.0.0.0:80 (1)
[2019-10-15 20:47:02 +0000] [1] [INFO] Using worker: gevent
[2019-10-15 20:47:02 +0000] [9] [INFO] Booting worker with pid: 9
[2019-10-15 20:47:02 +0000] [11] [INFO] Booting worker with pid: 11
[2019-10-15 20:47:03 +0000] [9] [ERROR] Exception in worker process
Traceback (most recent call last):
File "/venv/lib/python3.6/site-packages/gunicorn/arbiter.py", line 583, in spawn_worker
worker.init_process()
File "/venv/lib/python3.6/site-packages/gunicorn/workers/ggevent.py", line 203, in init_process
super(GeventWorker, self).init_process()
File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 129, in init_process
self.load_wsgi()
File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 138, in load_wsgi
self.wsgi = self.app.wsgi()
File "/venv/lib/python3.6/site-packages/gunicorn/app/base.py", line 67, in wsgi
self.callable = self.load()
File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 52, in load
return self.load_wsgiapp()
File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 41, in load_wsgiapp
return util.import_app(self.app_uri)
File "/venv/lib/python3.6/site-packages/gunicorn/util.py", line 350, in import_app
__import__(module)
File "/srv/confidant/confidant/wsgi.py", line 4, in <module>
from confidant import routes # noqa
File "/srv/confidant/confidant/routes/__init__.py", line 1, in <module>
from confidant.routes import static_files # noqa
File "/srv/confidant/confidant/routes/static_files.py", line 7, in <module>
from confidant import authnz
File "/srv/confidant/confidant/authnz/__init__.py", line 25, in <module>
user_mod = userauth.init_user_auth_class()
File "/srv/confidant/confidant/authnz/userauth.py", line 47, in init_user_auth_class
auth = module(*args, **kwargs)
File "/srv/confidant/confidant/authnz/userauth.py", line 415, in __init__
self.saml_config = self._render_saml_settings_dict()
File "/srv/confidant/confidant/authnz/userauth.py", line 463, in _render_saml_settings_dict
password=app.config.get('SAML_SP_KEY_FILE_PASSWORD'))
File "/srv/confidant/confidant/authnz/userauth.py", line 424, in _load_rsa_for_saml
password=password)
File "/srv/confidant/confidant/lib/cryptolib.py", line 145, in load_private_key_pem_as_bare_base64
load_private_key_pem(path, password=password))
File "/srv/confidant/confidant/lib/cryptolib.py", line 128, in load_private_key_pem
backend=default_backend())
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 16, in load_pem_private_key
return backend.load_pem_private_key(data, password)
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1051, in load_pem_private_key
password,
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1244, in _load_key
mem_bio = self._bytes_to_bio(data)
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 468, in _bytes_to_bio
data_ptr = self._ffi.from_buffer(data)
TypeError: from_buffer() cannot return the address of a unicode object
[2019-10-15 20:47:03 +0000] [9] [INFO] Worker exiting (pid: 9)
[2019-10-15 20:47:04 +0000] [11] [ERROR] Exception in worker process
Traceback (most recent call last):
File "/venv/lib/python3.6/site-packages/gunicorn/arbiter.py", line 583, in spawn_worker
worker.init_process()
File "/venv/lib/python3.6/site-packages/gunicorn/workers/ggevent.py", line 203, in init_process
super(GeventWorker, self).init_process()
File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 129, in init_process
self.load_wsgi()
File "/venv/lib/python3.6/site-packages/gunicorn/workers/base.py", line 138, in load_wsgi
self.wsgi = self.app.wsgi()
File "/venv/lib/python3.6/site-packages/gunicorn/app/base.py", line 67, in wsgi
self.callable = self.load()
File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 52, in load
return self.load_wsgiapp()
File "/venv/lib/python3.6/site-packages/gunicorn/app/wsgiapp.py", line 41, in load_wsgiapp
return util.import_app(self.app_uri)
File "/venv/lib/python3.6/site-packages/gunicorn/util.py", line 350, in import_app
__import__(module)
File "/srv/confidant/confidant/wsgi.py", line 4, in <module>
from confidant import routes # noqa
File "/srv/confidant/confidant/routes/__init__.py", line 1, in <module>
from confidant.routes import static_files # noqa
File "/srv/confidant/confidant/routes/static_files.py", line 7, in <module>
from confidant import authnz
File "/srv/confidant/confidant/authnz/__init__.py", line 25, in <module>
user_mod = userauth.init_user_auth_class()
File "/srv/confidant/confidant/authnz/userauth.py", line 47, in init_user_auth_class
auth = module(*args, **kwargs)
File "/srv/confidant/confidant/authnz/userauth.py", line 415, in __init__
self.saml_config = self._render_saml_settings_dict()
File "/srv/confidant/confidant/authnz/userauth.py", line 463, in _render_saml_settings_dict
password=app.config.get('SAML_SP_KEY_FILE_PASSWORD'))
File "/srv/confidant/confidant/authnz/userauth.py", line 424, in _load_rsa_for_saml
password=password)
File "/srv/confidant/confidant/lib/cryptolib.py", line 145, in load_private_key_pem_as_bare_base64
load_private_key_pem(path, password=password))
File "/srv/confidant/confidant/lib/cryptolib.py", line 128, in load_private_key_pem
backend=default_backend())
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/primitives/serialization/base.py", line 16, in load_pem_private_key
return backend.load_pem_private_key(data, password)
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1051, in load_pem_private_key
password,
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 1244, in _load_key
mem_bio = self._bytes_to_bio(data)
File "/venv/lib/python3.6/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 468, in _bytes_to_bio
data_ptr = self._ffi.from_buffer(data)
TypeError: from_buffer() cannot return the address of a unicode object
[2019-10-15 20:47:04 +0000] [11] [INFO] Worker exiting (pid: 11)
[2019-10-15 20:47:04 +0000] [1] [INFO] Shutting down: Master
[2019-10-15 20:47:04 +0000] [1] [INFO] Reason: Worker failed to boot.```
Ryan Lane commented
In py3 we should be opening that file as binary :/
Let me send in a fix
Ryan Lane commented
Merged fix, and tagged at 5.2.0. Should be in dockerhub now
Ryan Lane commented
Thanks for the bug report!