Merge pull request #31 from rhabacker/openSUSE-13_2

bnc#905622 - Fix yast2-auth-server CA file location

package/yast2-auth-server.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Aug  2 12:37:42 UTC 2016 - ralf.habacker@freenet.de
+
+- bnc#991677 - Fix broken detection of common server certificate CA file
+- 3.1.12
+
 -------------------------------------------------------------------
 Wed Oct  1 10:09:24 UTC 2014 - varkoly@suse.com
 

package/yast2-auth-server.spec

@@ -17,7 +17,7 @@
 
 
 Name:           yast2-auth-server
-Version:        3.1.11
+Version:        3.1.12
 Release:        0
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

src/include/auth-server/dialogs.rb

@@ -1185,7 +1185,7 @@ def SlaveSetupDialog
         Label.NextButton
       )
       ret = nil
-      cacert = "/usr/share/pki/trust/anchors/YaST-CA.pem"
+      cacert = "/etc/pki/trust/anchors/YaST-CA.pem"
 
       while true
         UI.ChangeWidget(:cb_start_tls, :Enabled, false)

src/include/auth-server/tree_structure.rb

@@ -392,7 +392,7 @@ def cb_read_tls
         UI.ChangeWidget(:cb_tls_enabled, :Value, true)
         UI.ChangeWidget(:cb_ssl_listener_enabled, :Enabled, true)
 
-        if Ops.get_string(tls, "caCertFile", "") == "/usr/share/pki/trust/anchors/YaST-CA.pem" &&
+        if Ops.get_string(tls, "caCertFile", "") == "/etc/pki/trust/anchors/YaST-CA.pem" &&
             Ops.get_string(tls, "certFile", "") ==
               "/etc/ssl/servercerts/servercert.pem" &&
             Ops.get_string(tls, "certKeyFile", "") ==
@@ -513,7 +513,7 @@ def cb_input_tls
           if common_cert_available
             UI.ChangeWidget(:cb_use_common_cert, :Enabled, true)
             UI.ChangeWidget(:cb_use_common_cert, :Value, true)
-            UI.ChangeWidget(:te_ca_file, :Value, "/usr/share/pki/trust/anchors/YaST-CA.pem")
+            UI.ChangeWidget(:te_ca_file, :Value, "/etc/pki/trust/anchors/YaST-CA.pem")
             UI.ChangeWidget(
               :te_cert_file,
               :Value,
@@ -539,7 +539,7 @@ def cb_input_tls
         )
         if use_common_cert
           if common_cert_available
-            UI.ChangeWidget(:te_ca_file, :Value, "/usr/share/pki/trust/anchors/YaST-CA.pem")
+            UI.ChangeWidget(:te_ca_file, :Value, "/etc/pki/trust/anchors/YaST-CA.pem")
             UI.ChangeWidget(
               :te_cert_file,
               :Value,

src/modules/AuthServer.pm

@@ -2529,7 +2529,7 @@ sub WriteTlsConfigCommonCert
     my $tlsSettings = {
                 "certKeyFile"  => "/etc/ssl/servercerts/serverkey.pem",
                 "certFile"     => "/etc/ssl/servercerts/servercert.pem",
-                "caCertFile"   => "/usr/share/pki/trust/anchors/YaST-CA.pem",
+                "caCertFile"   => "/etc/pki/trust/anchors/YaST-CA.pem",
                 "caCertDir"    => "",
                 "crlFile"      => "",
                 "crlCheck"     => 0,
@@ -4304,7 +4304,7 @@ sub HaveCommonServerCertificate
     my $self = shift;
     y2milestone("HaveCommonServerCertificate");
 
-    if (SCR->Read(".target.size", '/etc/ssl/certs/YaST-CA.pem') <= 0)
+    if (SCR->Read(".target.size", '/etc/pki/trust/anchors/YaST-CA.pem') <= 0)
     {
         y2milestone("YaST-CA.pem does not exists");
         return YaST::YCP::Boolean(0);

src/modules/YaPI/LdapServer.pm

@@ -1864,7 +1864,7 @@ sub ConfigureCommonServerCertificate {
     $tlsHash->{TLSCertificateFile}    = '/etc/ssl/servercerts/servercert.pem';
     $tlsHash->{TLSCertificateKeyFile} = '/etc/ssl/servercerts/serverkey.pem';
 
-    if(SCR->Read(".target.size", '/usr/share/pki/trust/anchors/YaST-CA.pem') > 0) {
+    if(SCR->Read(".target.size", '/etc/pki/trust/anchors/YaST-CA.pem') > 0) {
         $tlsHash->{TLSCACertificatePath} = '/etc/ssl/certs/';
         $tlsHash->{TLSCACertificateFile} = undef;
     }