From 39c401b796d4f896dd66e2b55287e8f18e564939 Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Mon, 6 Jan 2014 01:45:56 -0600
Subject: [PATCH] Look for CA file in correct location on bonded machines

---
 src/libtdeldap.cpp | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index fd14928..a416db0 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -2749,9 +2749,9 @@ int LDAPManager::moveKerberosEntries(TQString newSuffix, TQString* errstr) {
 		LDAPMessage* entry;
 		for(entry = ldap_first_entry(m_ldap, msg); entry != NULL; entry = ldap_next_entry(m_ldap, entry)) {
 			char* dn = NULL;
-		
+
 			LDAPMachineInfo machineinfo;
-		
+
 			if((dn = ldap_get_dn(m_ldap, entry)) != NULL) {
 				TQStringList dnParts = TQStringList::split(",", dn);
 				TQString id = dnParts[0];
@@ -2812,7 +2812,7 @@ int LDAPManager::writeLDAPConfFile(LDAPRealmConfig realmcfg, TQString *errstr) {
 			stream << "bind_policy " << m_bindPolicy.lower() << "\n";
 			stream << "pam_password " << m_passwordHash.lower() << "\n";
 			stream << "nss_initgroups_ignoreusers " << m_ignoredUsers << "\n";
-			stream << "tls_cacert " << KERBEROS_PKI_PEM_FILE << "\n";
+			stream << "tls_cacert " << KERBEROS_PKI_PUBLICDIR << realmcfg.admin_server << ".ldap.crt\n";
 		}
 
 		file.close();
@@ -3248,7 +3248,7 @@ int LDAPManager::setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo repl
 					int number_of_parameters = 2;				// 2 primary attributes
 					LDAPMod *mods[number_of_parameters+1];
 					set_up_attribute_operations(mods, number_of_parameters);
-			
+
 					// Load LDAP modification requests from provided data structure
 					i=0;
 					TQStringList syncReplServerList;
@@ -3274,13 +3274,13 @@ int LDAPManager::setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo repl
 					add_single_attribute_operation(mods, &i, "olcMirrorMode", "TRUE");
 					LDAPMod *prevterm = mods[i];
 					mods[i] = NULL;
-			
+
 					// Perform LDAP update
 					retcode = ldap_modify_ext_s(m_ldap, "olcDatabase={0}config,cn=config", mods, NULL, NULL);
-			
+
 					// Clean up
 					clean_up_attribute_operations(i, mods, prevterm, number_of_parameters);
-			
+
 					if (retcode != LDAP_SUCCESS) {
 						if (errstr) *errstr = i18n("<qt>LDAP modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
 						else KMessageBox::error(0, i18n("<qt>LDAP modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));
@@ -3295,7 +3295,7 @@ int LDAPManager::setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo repl
 					int number_of_parameters = 2;				// 2 primary attributes
 					LDAPMod *mods[number_of_parameters+1];
 					set_up_attribute_operations(mods, number_of_parameters);
-			
+
 					// Load LDAP modification requests from provided data structure
 					i=0;
 					TQStringList syncReplServerList;
@@ -3321,13 +3321,13 @@ int LDAPManager::setLDAPMasterReplicationSettings(LDAPMasterReplicationInfo repl
 					add_single_attribute_operation(mods, &i, "olcMirrorMode", "TRUE");
 					LDAPMod *prevterm = mods[i];
 					mods[i] = NULL;
-			
+
 					// Perform LDAP update
 					retcode = ldap_modify_ext_s(m_ldap, "olcDatabase={1}hdb,cn=config", mods, NULL, NULL);
-			
+
 					// Clean up
 					clean_up_attribute_operations(i, mods, prevterm, number_of_parameters);
-			
+
 					if (retcode != LDAP_SUCCESS) {
 						if (errstr) *errstr = i18n("<qt>LDAP modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode));
 						else KMessageBox::error(0, i18n("<qt>LDAP modification failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error"));