[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: bdb encryption

ghenry@OpenLDAP.org wrote:
Hi All,

I'm just testing bdb encryption and it works as expected out of the box.

But I'm trying to decrypt it using the bdb tools:

[ghenry@suretec openldap-data]$ /usr/local/BerkeleyDB.4.7/bin/db_verify objectClass.bdb
db_verify: Encrypted environment: no encryption key supplied
Segmentation fault

Interesting. It shouldn't segfault, perhaps you should report that as a bug to Oracle.

So it segfaults, but it's the same with the key:

[ghenry@suretec openldap-data]$ /usr/local/BerkeleyDB.4.7/bin/db_verify -P "testing" objectClass.bdb
db_verify: Invalid password
Segmentation fault

testing is set in slapd.conf via "cryptfile" and has the word "testing" in it:

How did you create the file? If you simply created it as a plain text file, then it probably has a trailing NewLine as well. In which case, the NewLine is part of the password...

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/