Thanks to Bob Relyea for finding out that we are passing an improper macro to slapd_pk11_TokenKeyGenWithFlags. It has to be:
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c index f4a5d1a..41856d5 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c @@ -344,7 +344,7 @@ attrcrypt_generate_key(attrcrypt_cipher_state *acs,PK11SymKey **symmetric_key) 0 /*param*/, acs->ace->key_size, NULL /*keyid*/, - CKA_DECRYPT/*op*/, + CKF_DECRYPT/*op*/, CKF_ENCRYPT/*attr*/, NULL); if (new_symmetric_key) {
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1115177
git patch file (master) 0001-Ticket-47832-attrcrypt_generate_key-calls-slapd_pk11.patch
Pushed to master: 4b54366..bc98362 master -> master commit bc98362
Metadata Update from @nhosoi: - Issue assigned to nhosoi - Issue set to the milestone: 1.3.3 - 8/14 (August)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1163
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.