Bug 1390325

Bug #1375347 is still on POST, hence I cannot verify this fix until we have a new build.

(In reply to Sumedh Sidhaye from comment #4)
> Bug #1375347 is still on POST, hence I cannot verify this fix until we have
> a new build.

That bug is for RHEL 7.4 which won't be released for quite some time; POST means that the fix has been checked into the source tree, but it is not MODIFIED since no build has been created yet.

This bug is the one that needs to be marked VERIFIED since it is part of the RHEL 7.3.z Batch 1 Update - pki-core-10.3.3-13.el7_3 (which contained additional fixes to pki-core-10.3.3-12.el7_3).

Following are the steps I've followed to check the fix:

1. wget http://download.eng.bos.redhat.com/brewroot/packages/pki-core/10.3.3/13.el7_3/src/pki-core-10.3.3-13.el7_3.src.rpm
2. rpm2cpio - < pki-core-10.3.3-13.el7_3.src.rpm 
3. rpm2cpio pki-core-10.3.3-13.el7_3.src.rpm | cpio -idmv
4. tar -xvzf pki-core-10.3.3.tar.gz
5. cd pki-core-10.3.3/
6. grep -r UdnPwdDirAuth base/server/cms/src/com/netscape/cms/authentication/UserPwdDirAuthentication.java

Here is the output of step #6

[user@dhcp201-158 pki-core-10.3.3]$ grep -r UdnPwdDirAuth base/server/cms/src/com/netscape/cms/authentication/UserPwdDirAuthentication.java
     * Initializes the UdnPwdDirAuthentication auth manager.
[user@dhcp201-158 pki-core-10.3.3]$

I can still see reference to UdnPwdDirAuthentication, hence marking FailedQA

The steps in comment #6 is incomplete because in RHEL updates the original source code in the tarball is unchanged but it's patched using separate patch files (see RPM spec file). To verify this bug properly, the patch files need to be applied against the original source code.

Alternatively, the fix can be verified upstream in the following file (line 111):
https://git.fedorahosted.org/cgit/pki.git/tree/base/server/cms/src/com/netscape/cms/authentication/UserPwdDirAuthentication.java?h=DOGTAG_10_3_BRANCH

I can see the patch file in the downloaded SRPM. 

[root@cloud-qe-07 pki-core-10.3.3]# ls /root/test_1390325/
pki-core-10.3.3                                     pki-core-Fix-build-on-Fedora-25.patch                 pki-core-snapshot-2.patch
pki-core-10.3.3-13.el7_3.src.rpm                    pki-core-KRA-external-CA-partial-cert-chain.patch     pki-core-snapshot-3.patch
pki-core-10.3.3.tar.gz                              pki-core-KRA-key-recovery-via-CLI-in-FIPS-mode.patch  pki-core-snapshot-4.patch
pki-core-beta.patch                                 pki-core-post-re-base.patch                           pki-core.spec
pki-core-compare-serial-DNs-host-authz-check.patch  pki-core-problems-with-FIPS-mode.patch                pki-core-two-step-external-CA-authorityID.patch
pki-core-eliminate-duplicate-classes-in-jars.patch  pki-core-snapshot-1.patch                             pki-core-typo-in-UserPwdDirAuthentication.patch

I also verified the fix upstream in the file mentioned above.

Hence marking this bug verified.

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2881.html