From 037ea2ced91232a797f0414ed60099d873d543a6 Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Fri, 4 Sep 2015 05:34:32 +0000
Subject: [PATCH] Enable CRL expiration display

---
 cert-updater/main.cpp  | 2 +-
 src/ldapcontroller.cpp | 7 -------
 2 files changed, 1 insertion(+), 8 deletions(-)

diff --git a/cert-updater/main.cpp b/cert-updater/main.cpp
index 3466eaf..5656a5f 100644
--- a/cert-updater/main.cpp
+++ b/cert-updater/main.cpp
@@ -178,7 +178,7 @@ int main(int argc, char *argv[])
 					}
 
 					// CRL
-					if (ldap_mgr->generatePKICRL(m_certconfig.caExpiryDays, m_realmconfig[m_defaultRealm], &errorstring) != 0) {
+					if (ldap_mgr->generatePKICRL(m_certconfig.caExpiryDays, m_realmconfig[m_defaultRealm], KERBEROS_PKI_CRL_FILE, KERBEROS_PKI_PEMKEY_FILE, KERBEROS_PKI_CRLDB_FILE, &errorstring) != 0) {
 						printf("[ERROR] Unable to generate CRL!\n%s\n", errorstring.ascii()); fflush(stdout);
 					}
 
diff --git a/src/ldapcontroller.cpp b/src/ldapcontroller.cpp
index 9575f0b..dfc4286 100644
--- a/src/ldapcontroller.cpp
+++ b/src/ldapcontroller.cpp
@@ -584,10 +584,6 @@ void LDAPController::updateCertDisplay() {
 	}
 
 	// Certificate Revocation List
-// FIXME
-// KSSLCertificate does not appear to understand the CRL format
-// Debug and reactivate this code
-#if 0
 	TQByteArray certificateContents;
 	if (ldap_mgr->getTDECertificate("publicRootCertificateRevocationList", &certificateContents, NULL) == 0) {
 		certExpiry = LDAPManager::getCertificateExpiration(certificateContents);
@@ -609,9 +605,6 @@ void LDAPController::updateCertDisplay() {
 		m_base->crlExpiryString->setText("File not found");
 		m_base->crlExpiryString->setPaletteForegroundColor(CERT_STATUS_COLOR_NOTFOUND);
 	}
-#else
-	m_base->crlExpiryString->setText("Unknown");
-#endif
 
 	delete ldap_mgr;
 }