mirror of
https://github.com/golang/go
synced 2024-09-29 23:14:29 -06:00
crypto/x509: move debug prints to standard error
Standard output is reserved for actual program output. Debug print should be limited in general (here they are enabled by an environment variable) and always go to standard error. Came across by accident. Change-Id: I1490be71473520f049719572b3acaa0ea9f9e5c1 Reviewed-on: https://go-review.googlesource.com/c/go/+/167502 Run-TryBot: Russ Cox <rsc@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org>
This commit is contained in:
parent
1024b25d0c
commit
f6695a15e1
@ -58,7 +58,7 @@ func execSecurityRoots() (*CertPool, error) {
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if debugDarwinRoots {
|
if debugDarwinRoots {
|
||||||
fmt.Printf("crypto/x509: %d certs have a trust policy\n", len(hasPolicy))
|
fmt.Fprintf(os.Stderr, "crypto/x509: %d certs have a trust policy\n", len(hasPolicy))
|
||||||
}
|
}
|
||||||
|
|
||||||
keychains := []string{"/Library/Keychains/System.keychain"}
|
keychains := []string{"/Library/Keychains/System.keychain"}
|
||||||
@ -68,7 +68,7 @@ func execSecurityRoots() (*CertPool, error) {
|
|||||||
home, err := os.UserHomeDir()
|
home, err := os.UserHomeDir()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if debugDarwinRoots {
|
if debugDarwinRoots {
|
||||||
fmt.Printf("crypto/x509: can't get user home directory: %v\n", err)
|
fmt.Fprintf(os.Stderr, "crypto/x509: can't get user home directory: %v\n", err)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
keychains = append(keychains,
|
keychains = append(keychains,
|
||||||
@ -148,7 +148,7 @@ func execSecurityRoots() (*CertPool, error) {
|
|||||||
wg.Wait()
|
wg.Wait()
|
||||||
|
|
||||||
if debugDarwinRoots {
|
if debugDarwinRoots {
|
||||||
fmt.Printf("crypto/x509: ran security verify-cert %d times\n", numVerified)
|
fmt.Fprintf(os.Stderr, "crypto/x509: ran security verify-cert %d times\n", numVerified)
|
||||||
}
|
}
|
||||||
|
|
||||||
return roots, nil
|
return roots, nil
|
||||||
@ -205,12 +205,12 @@ func verifyCertWithSystem(cert *Certificate) bool {
|
|||||||
}
|
}
|
||||||
if err := cmd.Run(); err != nil {
|
if err := cmd.Run(); err != nil {
|
||||||
if debugDarwinRoots {
|
if debugDarwinRoots {
|
||||||
fmt.Printf("crypto/x509: verify-cert rejected %s: %q\n", cert.Subject, bytes.TrimSpace(stderr.Bytes()))
|
fmt.Fprintf(os.Stderr, "crypto/x509: verify-cert rejected %s: %q\n", cert.Subject, bytes.TrimSpace(stderr.Bytes()))
|
||||||
}
|
}
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
if debugDarwinRoots {
|
if debugDarwinRoots {
|
||||||
fmt.Printf("crypto/x509: verify-cert approved %s\n", cert.Subject)
|
fmt.Fprintf(os.Stderr, "crypto/x509: verify-cert approved %s\n", cert.Subject)
|
||||||
}
|
}
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
@ -243,7 +243,7 @@ func getCertsWithTrustPolicy() (map[string]bool, error) {
|
|||||||
// localized on macOS, just interpret any failure to mean that
|
// localized on macOS, just interpret any failure to mean that
|
||||||
// there are no trust settings.
|
// there are no trust settings.
|
||||||
if debugDarwinRoots {
|
if debugDarwinRoots {
|
||||||
fmt.Printf("crypto/x509: exec %q: %v, %s\n", cmd.Args, err, stderr.Bytes())
|
fmt.Fprintf(os.Stderr, "crypto/x509: exec %q: %v, %s\n", cmd.Args, err, stderr.Bytes())
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user