CB Response: Duo Authentication fails with proxy credentials
Article ID: 289892
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
- Customers using CB Response 7.0.1 who leverage Duo Authentication with a secrets.ini file containing proxy username/password information are unable to login to CB Response Console.
- Upon service startup, the following log entry will exist in /var/log/cb/coreservices/debug.log:
2020-03-09 15:53:00 [19884] <err> duo_2fa_auth_callback - Could not initialize Duo 2fa plugin
Traceback (most recent call last):
File "/usr/lib64/python3.7/base64.py", line 510, in _input_type_check
m = memoryview(s)
TypeError: memoryview: a bytes-like object is required, not 'str'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/usr/share/cb/plugins/duo/duo_2fa_auth_callback.py", line 201, in <module>
authentication_state = AuthenticationState()
File "/usr/share/cb/plugins/duo/duo_2fa_auth_callback.py", line 91, in __init__
token = base64.encodebytes('%s:%s' % (proxy_user, proxy_password)).strip()
File "/usr/lib64/python3.7/base64.py", line 527, in encodebytes
_input_type_check(s)
File "/usr/lib64/python3.7/base64.py", line 513, in _input_type_check
raise TypeError(msg) from err
TypeError: expected bytes-like object, not str
Environment
- CB Response Server: 7.0.1
- Third-Party Proxy with Authentication
Cause
This is caused due to an issue with Python2 and Python3 for CB Response 7.0.1.
Resolution
This will be fixed in a future release of the product. This article will be updated when a fix-in-version is known.
Additional Information
The internal ticket for tracking is CB-30597.
Feedback
Yes
No
Powered by
