dogtagpki

Clone
Source Code
GIT

#1423 Pin reset operation using tpsclient fails
Closed: Fixed None Opened 8 years ago by mharmsen.

Closed: Fixed
Reopen Issue

Pin reset operation using tpsclient fails

Steps to Reproduce:

tpsclient pin reset request is as follows

op=var_set name=ra_host value=ibm-x3650m4-02-vm-04.lab.eng.bos.redhat.com
op=var_set name=ra_port value=31849
op=var_set name=ra_uri value=/tps/tps
op=token_set cuid=10000000000000000001 msn=01020304 app_ver=6FBBC105
key_info=0101 major_ver=0 minor_ver=0
op=token_set auth_key=404142434445464748494a4b4c4d4e4f
op=token_set mac_key=404142434445464748494a4b4c4d4e4f
op=token_set kek_key=404142434445464748494a4b4c4d4e4f
op=ra_reset_pin uid=idmuser1 pwd=redhat new_pin=redhat num_threads=1
extensions=tokenType=userKey
op=exit

Actual results:

pin reset fails

Expected results:

pin reset should be successful

Additional info:

TPS debug log has the following messages:

[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSEnrollProcessor.isTokenRecordPresent: 10%00%00%00%00%00%00%00%00%01%
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: LDAPDatabase:
getRecord("10000000000000000001")
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: In
LdapBoundConnFactory::getConn()
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: masterConn is connected: true
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: getConn: conn is connected true
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: getConn: mNumConns now 2
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: LDAPDatabase: reading
ou=Tokens,dc=pki-tps1
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: returnConn: mNumConns now 3
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: TPSEnrollProcessor.enroll:
found token...
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSPinResetProcessor.resetPin(): Token status: ACTIVE
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.getResolverInstanceName: entering for operaiton : pinReset
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.getResolverInstanceName: config: op.pinReset.mappingResolver
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.getResolverInstanceName: returning: pinResetProfileMappingResolver
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.createFilterMappingParams:  after new MappingFilterParams
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.createFilterMappingParams:  MappingFilterParams set
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSPinResetProcessor.resetPin(): resolved tokenType: null
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.checkProfileStateOK()
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.checkAndAuthenticateUser: getting config:
op.pinReset.null.auth.enable
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: checkAndAuthenticateUser:
opPrefox: op.pinReset
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: TPSProcessor.getAuthentication
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]:
TPSProcessor.checkAndAuthenticateUser:: authentication exception thrown:
java.lang.NullPointerException
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: LDAPDatabase:
addRecord("20150612112955489000.4e")
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: In
LdapBoundConnFactory::getConn()
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: masterConn is connected: true
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: getConn: conn is connected true
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: getConn: mNumConns now 2
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: LDAPDatabase: adding
cn=20150612112955489000.4e,ou=Activities,dc=pki-tps1
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: returnConn: mNumConns now 3
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: TPSSession.process: Message
processing failed: TPS error user authentication
failed:java.lang.NullPointerException
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: TPSMessage.write: Writing:
s=43&msg_type=13&operation=3&result=1&message=14
[12/Jun/2015:11:29:55][http-bio-31849-exec-19]: TPSSession.process: leaving:
result: 1 status: STATUS_ERROR_LOGIN

Per CS/DS meeting of 06/15/2015: 10.2.6

Patch submitted for very simple fix.

Checkin:

commit ac979100dfa45ff3d194349fdec093aa076815f8
Author: Jack Magne jmagne@localhost.localdomain
Date: Fri Jun 26 15:31:46 2015 -0700

Fix Pin Reset tokenType resolution.

Ticket #1423 Pin reset operation using tpsclient fails.

Recently we had added a new way to resolve the profile. That new method was
not used in the PinReset Processor. This fix addresses that and allows the Pin Reset operation to complete.

Metadata Update from @mharmsen:
- Issue assigned to jmagne
- Issue set to the milestone: 10.2.6
7 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/1983

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Login to comment on this ticket.

Metadata
None
None
None
major
None
None
defect
None
None
None
None
None
QE
None
None
None
None
None
None
TPS
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.