Applying patch by Jay to fix #989 -- missing crl files are

correctly ignored, and you now use 'false' instead of 'none'
to explicitly ignore them.

CHANGELOG

@@ -1,3 +1,7 @@
+    Fixed #989 -- missing CRL files are correctly ignored, and the
+    value should be set to 'false' to explicitly not look for these
+    files.
+
     Fixed #1017 -- environment-specific modulepath is no longer ignored.
 
     Fixing #794 -- consolidating the gentoo configuration files.

bin/puppetd

@@ -374,7 +374,7 @@ if Puppet[:listen] and ! options[:onetime]
     # to clients. In the meantime, we just disable CRL checking if
     # the CRL file doesn't exist
     unless File::exist?(Puppet[:cacrl])
-        Puppet[:cacrl] = 'none'
+        Puppet[:cacrl] = 'false' 
     end
 
     handlers = nil

lib/puppet/defaults.rb

@@ -232,7 +232,7 @@ module Puppet
             :owner => "$user",
             :group => "$group",
             :mode => 0664,
-            :desc => "The certificate revocation list (CRL) for the CA. Set this to 'none' if you do not want to use a CRL."
+            :desc => "The certificate revocation list (CRL) for the CA. Set this to 'false' if you do not want to use a CRL."
         },
         :caprivatedir => { :default => "$cadir/private",
             :owner => "$user",

lib/puppet/network/http_server/webrick.rb

@@ -22,12 +22,12 @@ class HTTPServer::WEBrick < WEBrick::HTTPServer
             # with them, with flags appropriate for checking client 
             # certificates for revocation
             def x509store
-                if Puppet[:cacrl] == 'none'
+                if Puppet[:cacrl] == 'false'
                     # No CRL, no store needed
                     return nil
                 end
                 unless File.exist?(Puppet[:cacrl])
-                    raise Puppet::Error, "Could not find CRL; set 'cacrl' to 'none' to disable CRL usage"
+                    raise Puppet::Error, "Could not find CRL; set 'cacrl' to 'false' to disable CRL usage"
                 end
                 crl = OpenSSL::X509::CRL.new(File.read(Puppet[:cacrl]))
                 store = OpenSSL::X509::Store.new

lib/puppet/sslcertificates/ca.rb

@@ -194,8 +194,8 @@ def removeclientcsr(host)
     # Revoke the certificate with serial number SERIAL issued by this
     # CA. The REASON must be one of the OpenSSL::OCSP::REVOKED_* reasons
     def revoke(serial, reason = OpenSSL::OCSP::REVOKED_STATUS_KEYCOMPROMISE)
-        if @config[:cacrl] == 'none'
-            raise Puppet::Error, "Revocation requires a CRL, but ca_crl is set to 'none'"
+        if @config[:cacrl] == 'false'
+            raise Puppet::Error, "Revocation requires a CRL, but ca_crl is set to 'false'"
         end
         time = Time.now
         revoked = OpenSSL::X509::Revoked.new
@@ -372,7 +372,7 @@ def init_crl
             @crl = OpenSSL::X509::CRL.new(
                 File.read(@config[:cacrl])
             )
-        elsif @config[:cacrl] == 'none'
+        elsif @config[:cacrl] == 'false'
             @crl = nil
         else
             # Create new CRL

lib/puppet/util/settings.rb

@@ -1124,7 +1124,7 @@ def owner
         # the variable 'dir', or adding a slash at the end.
         def munge(value)
             # If it's not a fully qualified path...
-            if value.is_a?(String) and value !~ /^\$/ and value !~ /^\//
+            if value.is_a?(String) and value !~ /^\$/ and value !~ /^\// and value != 'false'
                 # Make it one
                 value = File.join(Dir.getwd, value)
             end