From ff3a7bc17b66b73f5cf155a2ffb62ccd85f9e9bc Mon Sep 17 00:00:00 2001
From: "John A. Barbuto" <jbarbuto@corp.sourceforge.com>
Date: Mon, 26 Oct 2009 14:02:35 -0700
Subject: Re-fixed #2750 - Stop disabling the CRL or checking for a disabled
 CRL

This was deprecated in commit 1cfb0215 and was keeping puppetd from starting in listen mode.

Signed-off-by: John A. Barbuto <jbarbuto@corp.sourceforge.com>
---
 lib/puppet/sslcertificates/ca.rb | 5 -----
 1 file changed, 5 deletions(-)

(limited to 'lib/puppet/sslcertificates')

diff --git a/lib/puppet/sslcertificates/ca.rb b/lib/puppet/sslcertificates/ca.rb
index b0bcdb612..b5a246969 100644
--- a/lib/puppet/sslcertificates/ca.rb
+++ b/lib/puppet/sslcertificates/ca.rb
@@ -194,9 +194,6 @@ class Puppet::SSLCertificates::CA
     # Revoke the certificate with serial number SERIAL issued by this
     # CA. The REASON must be one of the OpenSSL::OCSP::REVOKED_* reasons
     def revoke(serial, reason = OpenSSL::OCSP::REVOKED_STATUS_KEYCOMPROMISE)
-        if @config[:cacrl] == 'false'
-            raise Puppet::Error, "Revocation requires a CRL, but ca_crl is set to 'false'"
-        end
         time = Time.now
         revoked = OpenSSL::X509::Revoked.new
         revoked.serial = serial
@@ -344,8 +341,6 @@ class Puppet::SSLCertificates::CA
             @crl = OpenSSL::X509::CRL.new(
                 File.read(@config[:cacrl])
             )
-        elsif @config[:cacrl] == 'false'
-            @crl = nil
         else
             # Create new CRL
             @crl = OpenSSL::X509::CRL.new
-- 
cgit