From: Alberto Leiva Popper <ydahhrk@gmail.com>
Date: Mon, 30 Sep 2019 20:38:09 +0000 (-0500)
Subject: Print two debug messages properly
X-Git-Tag: v1.1.0~1^2~2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c468bfdaa1fb9882241b64404e895aa65b9bbcca;p=thirdparty%2FFORT-validator.git

Print two debug messages properly

These were always being sent to standard output.
They are now handed by syslog properly when appropriate like
everything else.
---

diff --git a/src/object/certificate.c b/src/object/certificate.c
index a81afe1f..11c7ee52 100644
--- a/src/object/certificate.c
+++ b/src/object/certificate.c
@@ -45,6 +45,23 @@ struct bgpsec_ski {
 	unsigned char **ski_data;
 };
 
+static void
+debug_serial_number(BIGNUM *number)
+{
+#ifdef DEBUG
+	char *number_str;
+
+	number_str = BN_bn2dec(number);
+	if (number_str == NULL) {
+		crypto_err("Could not convert BN to string");
+		return;
+	}
+
+	pr_debug("serial Number: %s", number_str);
+	free(number_str);
+#endif
+}
+
 static int
 validate_serial_number(X509 *cert)
 {
@@ -60,11 +77,7 @@ validate_serial_number(X509 *cert)
 	if (number == NULL)
 		return crypto_err("Could not parse certificate serial number");
 
-#ifdef DEBUG
-	fprintf(stdout, "serial Number: ");
-	BN_print_fp(stdout, number);
-	fprintf(stdout, "\n");
-#endif
+	debug_serial_number(number);
 
 	error = x509stack_store_serial(validation_certstack(state), number);
 	if (error)
diff --git a/src/object/crl.c b/src/object/crl.c
index 585cf7a6..d2a94832 100644
--- a/src/object/crl.c
+++ b/src/object/crl.c
@@ -38,15 +38,38 @@ end:
 	return error;
 }
 
+static void
+debug_revoked(ASN1_INTEGER const *serial_int)
+{
+#ifdef DEBUG
+	BIGNUM *serial_bn;
+	char *serial_str;
+
+	serial_bn = ASN1_INTEGER_to_BN(serial_int, NULL);
+	if (serial_bn == NULL) {
+		crypto_err("Could not parse revoked serial number");
+		return;
+	}
+
+	serial_str = BN_bn2dec(serial_bn);
+	if (serial_str == NULL) {
+		crypto_err("Could not convert BN to string");
+		goto end;
+	}
+
+	pr_debug("Revoked: %s", serial_str);
+
+	free(serial_str);
+end:	BN_free(serial_bn);
+#endif
+}
+
 static int
 validate_revoked(X509_CRL *crl)
 {
 	STACK_OF(X509_REVOKED) *revoked_stack;
 	X509_REVOKED *revoked;
 	ASN1_INTEGER const *serial_int;
-#ifdef DEBUG
-	BIGNUM *serial_bn;
-#endif
 	int i;
 
 	revoked_stack = X509_CRL_get_REVOKED(crl);
@@ -62,18 +85,7 @@ validate_revoked(X509_CRL *crl)
 			    i + 1);
 		}
 
-#ifdef DEBUG
-		serial_bn = ASN1_INTEGER_to_BN(serial_int, NULL);
-		if (serial_bn == NULL) {
-			crypto_err("Could not parse revoked serial number");
-			continue;
-		}
-
-		fprintf(stdout, "Revoked: ");
-		BN_print_fp(stdout, serial_bn);
-		BN_free(serial_bn);
-		fprintf(stdout, "\n");
-#endif
+		debug_revoked(serial_int);
 
 		if (X509_REVOKED_get0_revocationDate(revoked) == NULL) {
 			return pr_err("CRL's revoked entry #%d lacks a revocation date.",