freeipa team mailing list archive

Thread
Date

[Bug 1677139] Re: pkcs11 setup needs fixes for SoftHSM 2.2

To: freeipa@xxxxxxxxxxxxxxxxxxx
From: Timo Aaltonen <tjaalton@xxxxxxxxxx>
Date: Wed, 19 Apr 2017 06:19:23 -0000
Reply-to: Bug 1677139 <1677139@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Summary changed:

- softhsm 2.2.0 is broken
+ pkcs11 setup needs fixes for SoftHSM 2.2

** Description changed:

- The current version of softhsm in zesty, 2.2.0, is broken:
+ [Impact]
  
- https://github.com/opendnssec/SoftHSMv2/issues/298
+ https://pagure.io/freeipa/issue/6692
  
- even basic functionality managing PKCS#11 tokens doesn't work. This
- breaks freeipa-server and it's DNS integration.
+ SoftHSM 2.2 broke freeipa DNS integration.
  
- Since zesty is about to be released, the best solution to fix this might
- be to revert to 2.1.0.
+ [Test case]
+ 
+ Install ipa server with 'ipa-server-install --setup-dns'.
+ 
+ [Regression potential]
+ 
+ The patch touches only the pkcs11 helper, so shouldn't regress anything
+ else.

** Also affects: freeipa (Ubuntu Zesty)
   Importance: Undecided
       Status: New

** Also affects: freeipa (Ubuntu Aa-series)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1677139

Title:
  pkcs11 setup needs fixes for SoftHSM 2.2

Status in freeipa package in Ubuntu:
  New
Status in freeipa source package in Zesty:
  New
Status in freeipa source package in aa-series:
  New

Bug description:
  [Impact]

  https://pagure.io/freeipa/issue/6692

  SoftHSM 2.2 broke freeipa DNS integration.

  [Test case]

  Install ipa server with 'ipa-server-install --setup-dns'.

  [Regression potential]

  The patch touches only the pkcs11 helper, so shouldn't regress
  anything else.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/freeipa/+bug/1677139/+subscriptions