From b941befe083a02ed0e4d5bc6c3c50f1a82f04012 Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Thu, 23 Jan 2020 12:22:21 -0500
Subject: [PATCH] Issue 50850 - Fix dsctl healthcheck for python36

Description:  dsctl health check, specifically the certificate expiring
              checks, were using python37 specific functions, but these
              do not work on python36.  Needed to replace fromisoformat()
              with something more portable.

relates: https://pagure.io/389-ds-base/issue/50850

Reviewed by: firstyear(Thanks!)
---
 src/lib389/lib389/nss_ssl.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/lib389/lib389/nss_ssl.py b/src/lib389/lib389/nss_ssl.py
index 2a7d1637c..41b19caa4 100644
--- a/src/lib389/lib389/nss_ssl.py
+++ b/src/lib389/lib389/nss_ssl.py
@@ -79,13 +79,15 @@ class NssSsl(object):
             cert_list.append(self.get_cert_details(cert[0]))
 
         for cert in cert_list:
-            if date.fromisoformat(cert[3].split()[0]) - date.today() < timedelta(days=0):
+            cert_date = cert[3].split()[0]
+            diff_date = datetime.strptime(cert_date, '%Y-%m-%d').date() - datetime.today().date()
+            if diff_date < timedelta(days=0):
                 # Expired
                 report = copy.deepcopy(DSCERTLE0002)
                 report['detail'] = report['detail'].replace('CERT', cert[0])
                 yield report
-            elif date.fromisoformat(cert[3].split()[0]) - date.today() < timedelta(days=30):
-                # Expiring
+            elif diff_date < timedelta(days=30):
+                # Expiring within 30 days
                 report = copy.deepcopy(DSCERTLE0001)
                 report['detail'] = report['detail'].replace('CERT', cert[0])
                 yield report
-- 
2.21.1