qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-23 12:50:12 -07:00
Code Releases Activity

crypto/x509: better debug output for verify-cert calls

Browse Source 
Now that pkix.Name offers String() we should use that as some CN's are blank.

Updates #24084

Change-Id: I268196f04b98c2bd4d5d0cf1fecd2c9bafeec0f1
Reviewed-on: https://go-review.googlesource.com/121357
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This commit is contained in:
Adam Shannon 2018-06-27 21:40:22 -05:00 committed by Brad Fitzpatrick
parent ed333353a0
commit 1a3957b828
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/crypto/x509/root_darwin.go
View File

@ -181,12 +181,12 @@ func verifyCertWithSystem(block *pem.Block, cert *Certificate) bool {
}
if err := cmd.Run(); err != nil {
if debugExecDarwinRoots {
println(fmt.Sprintf("crypto/x509: verify-cert rejected %s: %q", cert.Subject.CommonName, bytes.TrimSpace(stderr.Bytes())))
println(fmt.Sprintf("crypto/x509: verify-cert rejected %s: %q", cert.Subject, bytes.TrimSpace(stderr.Bytes())))
}
return false
}
if debugExecDarwinRoots {
println(fmt.Sprintf("crypto/x509: verify-cert approved %s", cert.Subject.CommonName))
println(fmt.Sprintf("crypto/x509: verify-cert approved %s", cert.Subject))
}
return true
}