authorLuke Kanies <luke@madstop.com>2008-02-07 15:34:30 -0600
committerLuke Kanies <luke@madstop.com>2008-02-07 15:34:30 -0600
commitb293763f9ef2e134f18bb2c3fdaaaa502aa2c201 (patch)
treeeaa7e8eb8c4013be2e9c1560182558d393e5f5e7
parent2931723bae9e4226ab8eb7f6f806bf9a2ea5cbb8 (diff)
downloadpuppet-b293763f9ef2e134f18bb2c3fdaaaa502aa2c201.tar.gz
puppet-b293763f9ef2e134f18bb2c3fdaaaa502aa2c201.tar.xz
puppet-b293763f9ef2e134f18bb2c3fdaaaa502aa2c201.zip
Applying patch by Jay to fix #989 -- missing crl files are
correctly ignored, and you now use 'false' instead of 'none' to explicitly ignore them.
-rw-r--r--CHANGELOG4
-rwxr-xr-xbin/puppetd2
-rw-r--r--lib/puppet/defaults.rb2
-rw-r--r--lib/puppet/network/http_server/webrick.rb4
-rw-r--r--lib/puppet/sslcertificates/ca.rb6
-rw-r--r--lib/puppet/util/settings.rb2
6 files changed, 12 insertions, 8 deletions
diff --git a/CHANGELOG b/CHANGELOG
index cfe6657bf..d615ed843 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,7 @@
+ Fixed #989 -- missing CRL files are correctly ignored, and the
+ value should be set to 'false' to explicitly not look for these
+ files.
+
Fixed #1017 -- environment-specific modulepath is no longer ignored.
Fixing #794 -- consolidating the gentoo configuration files.
diff --git a/bin/puppetd b/bin/puppetd
index 297d4876d..e993d3aa8 100755
--- a/bin/puppetd
+++ b/bin/puppetd
@@ -374,7 +374,7 @@ if Puppet[:listen] and ! options[:onetime]
# to clients. In the meantime, we just disable CRL checking if
# the CRL file doesn't exist
unless File::exist?(Puppet[:cacrl])
- Puppet[:cacrl] = 'none'
+ Puppet[:cacrl] = 'false'
end
handlers = nil
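Review bot: A missing CRL file still switches revocation checking off without leaving any trace, because the `unless File::exist?(Puppet[:cacrl])` branch simply overwrites the setting with `'false'`. On a listening daemon this means a deleted or mis-pathed CRL leaves revoked client certificates acceptable, and nothing in the logs records that the check was dropped. I would log before the assignment, for example `Puppet.warning "CRL file %s not found; certificate revocation checking is disabled" % Puppet[:cacrl]`. The enclosing `if Puppet[:listen] and ! options[:onetime]` block starts and ends outside the hunk.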
diff --git a/lib/puppet/defaults.rb b/lib/puppet/defaults.rb
index 0c8ac3f82..520a18d1a 100644
--- a/lib/puppet/defaults.rb
+++ b/lib/puppet/defaults.rb
@@ -232,7 +232,7 @@ module Puppet
:owner => "$user",
:group => "$group",
:mode => 0664,
- :desc => "The certificate revocation list (CRL) for the CA. Set this to 'none' if you do not want to use a CRL."
+ :desc => "The certificate revocation list (CRL) for the CA. Set this to 'false' if you do not want to use a CRL."
},
:caprivatedir => { :default => "$cadir/private",
:owner => "$user",
diff --git a/lib/puppet/network/http_server/webrick.rb b/lib/puppet/network/http_server/webrick.rb
index 3c9f72e17..e4f00dd73 100644
--- a/lib/puppet/network/http_server/webrick.rb
+++ b/lib/puppet/network/http_server/webrick.rb
@@ -22,12 +22,12 @@ module Puppet
# with them, with flags appropriate for checking client
# certificates for revocation
def x509store
- if Puppet[:cacrl] == 'none'
+ if Puppet[:cacrl] == 'false'
# No CRL, no store needed
return nil
end
unless File.exist?(Puppet[:cacrl])
- raise Puppet::Error, "Could not find CRL; set 'cacrl' to 'none' to disable CRL usage"
+ raise Puppet::Error, "Could not find CRL; set 'cacrl' to 'false' to disable CRL usage"
end
crl = OpenSSL::X509::CRL.new(File.read(Puppet[:cacrl]))
store = OpenSSL::X509::Store.new
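Review bot: The `Puppet[:cacrl] == 'false'` test in `x509store` matches only the string form of the sentinel, and the same literal comparison is repeated in both hunks of `lib/puppet/sslcertificates/ca.rb`. If the settings layer ever returns a boolean `false` for this value (not visible here, so worth confirming), the check falls through and `File.exist?(Puppet[:cacrl])` is called with a non-path argument. Comparing with `Puppet[:cacrl].to_s == 'false'` would cover both forms. A one-line comment stating that a nil store means client certificates are not checked for revocation would also help the next reader; `x509store` continues past the end of the hunk.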
diff --git a/lib/puppet/sslcertificates/ca.rb b/lib/puppet/sslcertificates/ca.rb
index a3edd2cb4..888bcf5b2 100644
--- a/lib/puppet/sslcertificates/ca.rb
+++ b/lib/puppet/sslcertificates/ca.rb
@@ -194,8 +194,8 @@ class Puppet::SSLCertificates::CA
# Revoke the certificate with serial number SERIAL issued by this
# CA. The REASON must be one of the OpenSSL::OCSP::REVOKED_* reasons
def revoke(serial, reason = OpenSSL::OCSP::REVOKED_STATUS_KEYCOMPROMISE)
- if @config[:cacrl] == 'none'
- raise Puppet::Error, "Revocation requires a CRL, but ca_crl is set to 'none'"
+ if @config[:cacrl] == 'false'
+ raise Puppet::Error, "Revocation requires a CRL, but ca_crl is set to 'false'"
end
time = Time.now
revoked = OpenSSL::X509::Revoked.new
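Review bot: The new error message in `revoke` names the setting `ca_crl`, but the value being tested is `@config[:cacrl]`, and the webrick message changed in this same commit calls it 'cacrl'. An operator who hits this error will look for a setting that does not appear anywhere in the visible code. Since the line is being touched anyway, I would align it: `raise Puppet::Error, "Revocation requires a CRL, but cacrl is set to 'false'"`. The body of `revoke` continues outside the hunk.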
@@ -372,7 +372,7 @@ class Puppet::SSLCertificates::CA
@crl = OpenSSL::X509::CRL.new(
File.read(@config[:cacrl])
)
- elsif @config[:cacrl] == 'none'
+ elsif @config[:cacrl] == 'false'
@crl = nil
else
# Create new CRL
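Review bot: Configurations that still carry the old value `'none'` no longer match this `elsif` and now fall into the `else` branch, whose comment says it creates a new CRL. That is a silent behaviour change on upgrade: a site that had deliberately disabled the CRL presumably gets `'none'` treated as a file name instead. Accepting both values for a transition period, `elsif ['false', 'none'].include?(@config[:cacrl])`, with a deprecation warning for `'none'`, would make the change visible. The enclosing method starts and ends outside the hunk, so what the `else` branch does with the path cannot be checked from here.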
diff --git a/lib/puppet/util/settings.rb b/lib/puppet/util/settings.rb
index c84a5bfb1..cf15d3194 100644
--- a/lib/puppet/util/settings.rb
+++ b/lib/puppet/util/settings.rb
@@ -1124,7 +1124,7 @@ Generated on #{Time.now}.
# the variable 'dir', or adding a slash at the end.
def munge(value)
# If it's not a fully qualified path...
- if value.is_a?(String) and value !~ /^\$/ and value !~ /^\//
+ if value.is_a?(String) and value !~ /^\$/ and value !~ /^\// and value != 'false'
# Make it one
value = File.join(Dir.getwd, value)
end
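Review bot: The comment above the condition in `munge`, `# If it's not a fully qualified path...`, no longer describes what is tested, since the literal `'false'` is now exempt from qualification as well. Nothing in the hunk ties `munge` to `cacrl`, so the exemption presumably applies to every setting that passes through this method, and that deserves a line of explanation. I would reword the comment to `# If it's not a fully qualified path (and not the literal 'false', which disables a file setting)...`. The rest of `munge` lies outside the hunk.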