qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-23 15:20:03 -07:00
Code Releases Activity

crypto/x509: better debug output for verify-cert calls

Browse Source 
Now that pkix.Name offers String() we should use that as some CN's are blank.

Updates #24084

Change-Id: I268196f04b98c2bd4d5d0cf1fecd2c9bafeec0f1
Reviewed-on: https://go-review.googlesource.com/121357
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This commit is contained in:
Adam Shannon 2018-06-27 21:40:22 -05:00 committed by Brad Fitzpatrick
parent ed333353a0
commit 1a3957b828
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/crypto/x509/root_darwin.go
View File

@ -181,12 +181,12 @@ func verifyCertWithSystem(block *pem.Block, cert *Certificate) bool {
} }
if err := cmd.Run(); err != nil { if err := cmd.Run(); err != nil {
if debugExecDarwinRoots { if debugExecDarwinRoots {
println(fmt.Sprintf("crypto/x509: verify-cert rejected %s: %q", cert.Subject.CommonName, bytes.TrimSpace(stderr.Bytes()))) println(fmt.Sprintf("crypto/x509: verify-cert rejected %s: %q", cert.Subject, bytes.TrimSpace(stderr.Bytes())))
} }
return false return false
} }
if debugExecDarwinRoots { if debugExecDarwinRoots {
println(fmt.Sprintf("crypto/x509: verify-cert approved %s", cert.Subject.CommonName)) println(fmt.Sprintf("crypto/x509: verify-cert approved %s", cert.Subject))
} }
return true return true
} }