Re: BUG: Can't establish SSH tunnel with 3.6

On Fri, Jan 4, 2019 at 2:43 PM Dave Page <dpage(at)pgadmin(dot)org> wrote:

> Akshay; please test this ASAP as some of our packages use Python 3.7
> (which is fully supported).
>

Sure.

>
> Thanks.
>
> On Fri, Jan 4, 2019 at 6:01 AM Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
> wrote:
>
>> Hi SleepProgger
>>
>> We haven't tested this with Python 3.7. Can you please log an RM
>> https://redmine.postgresql.org. Please specify the Python version.
>>
>> On Fri, Jan 4, 2019 at 12:26 AM SleepProgger <security(at)gnutp(dot)com> wrote:
>>
>>> Since updating to pgAdmin4 3.6 i can't use the SSH tunnel feature
>>> anymore.
>>>
>>> As soon as i provide the password the following exception occurs:
>>>
>>>
>>> 2019-01-03 15:36:23,007: ERROR flask.app: Object type <class
>>> 'str'> cannot be passed to C code
>>> Traceback (most recent call last):
>>> File
>>> "/usr/lib/pgadmin4/web/pgadmin/utils/driver/psycopg2/server_manager.py",
>>> line 409, in create_ssh_tunnel
>>> tunnel_password = decrypt(tunnel_password, user.password)
>>> File "/usr/lib/pgadmin4/web/pgadmin/utils/crypto.py", line 54, in
>>> decrypt
>>> cipher = AES.new(pad(key), AES.MODE_CFB, iv)
>>> File "/usr/lib/python3.7/site-packages/Crypto/Cipher/AES.py", line
>>> 232, in new
>>> return _create_cipher(sys.modules[__name__], key, mode, *args,
>>> **kwargs)
>>> File "/usr/lib/python3.7/site-packages/Crypto/Cipher/__init__.py",
>>> line 79, in _create_cipher
>>> return modes[mode](factory, **kwargs)
>>> File "/usr/lib/python3.7/site-packages/Crypto/Cipher/_mode_cfb.py",
>>> line 270, in _create_cfb_cipher
>>> cipher_state = factory._create_base_cipher(kwargs)
>>> File "/usr/lib/python3.7/site-packages/Crypto/Cipher/AES.py", line
>>> 103, in _create_base_cipher
>>> result = start_operation(c_uint8_ptr(key),
>>> File "/usr/lib/python3.7/site-packages/Crypto/Util/_raw_api.py", line
>>> 144, in c_uint8_ptr
>>> raise TypeError("Object type %s cannot be passed to C code" %
>>> type(data))
>>> TypeError: Object type <class 'str'> cannot be passed to C code
>>> 2019-01-03 15:36:23,041: ERROR flask.app: Could not connected to
>>> server(#2) - 'smr_imgur_stuff'.
>>> Error: Failed to decrypt the SSH tunnel password.
>>> Error: Object type <class 'str'> cannot be passed to C code
>>> 2019-01-03 15:40:04,070: ERROR flask.app: Object type <class
>>> 'str'> cannot be passed to C code
>>>
>>> After encoding the key (if it is a string) in
>>> pgadmin4/web/pgadmin/utils/crypto.py everything works again like
>>> expected.
>>>
>>>
>>> --- crypto.py 2019-01-03 15:59:41.524945284 +0100
>>>
>>> +++ /usr/lib/pgadmin4/web/pgadmin/utils/crypto.py 2019-01-03
>>> 17:02:40.394875557 +0100
>>> @@ -39,30 +39,32 @@
>>>
>>>
>>> def decrypt(ciphertext, key):
>>> """
>>> Decrypt the AES encrypted string.
>>>
>>> Parameters:
>>> ciphertext -- Encrypted string with AES method.
>>> key -- key to decrypt the encrypted string.
>>> """
>>>
>>> global padding_string
>>>
>>> ciphertext = base64.b64decode(ciphertext)
>>> iv = ciphertext[:AES.block_size]
>>> + if hasattr(key, 'encode'):
>>> + key = key.encode('utf-8')
>>> cipher = AES.new(pad(key), AES.MODE_CFB, iv)
>>> decrypted = cipher.decrypt(ciphertext[AES.block_size:])
>>>
>>> return decrypted
>>>
>>>
>>> Python version is: 3.7.1
>>>
>>> If more information is required please let me know.
>>>
>>> Thanks,
>>>
>>> - SleepProgger
>>>
>>>
>>>
>>>
>>
>> --
>> *Akshay Joshi*
>>
>> *Sr. Software Architect *
>>
>>
>>
>> *Phone: +91 20-3058-9517Mobile: +91 976-788-8246*
>>
>
>
> --
> Dave Page
> Blog: http://pgsnake.blogspot.com
> Twitter: @pgsnake
>
> EnterpriseDB UK: http://www.enterprisedb.com
> The Enterprise PostgreSQL Company
>

--
*Akshay Joshi*

*Sr. Software Architect *

*Phone: +91 20-3058-9517Mobile: +91 976-788-8246*