From: Vladimír Čunát <vladimir.cunat@nic.cz>
Date: Wed, 28 Aug 2024 11:28:02 +0000 (+0200)
Subject: daemon/tls: drop a DEBUG section
X-Git-Tag: v6.0.9~24^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=80f9f86f6ba9b45166bee2c41e017a839344e9a2;p=thirdparty%2Fknot-resolver.git

daemon/tls: drop a DEBUG section

The new pin logging is better than this.  No need to recompile with -DDEBUG (rare).
---

diff --git a/daemon/tls.c b/daemon/tls.c
index b682285a2..1aa24b299 100644
--- a/daemon/tls.c
+++ b/daemon/tls.c
@@ -775,20 +775,6 @@ static int client_verify_pin(const unsigned int cert_list_size,
 			return ret;
 		}
 
-	#ifdef DEBUG
-		if (kr_log_is_debug(TLS, NULL)) {
-			char pin_base64[TLS_SHA256_BASE64_BUFLEN];
-			/* DEBUG: additionally compute and print the base64 pin.
-			 * Not very efficient, but that's OK for DEBUG. */
-			ret = get_oob_key_pin(cert, pin_base64, sizeof(pin_base64), false);
-			if (ret == GNUTLS_E_SUCCESS) {
-				VERBOSE_MSG(true, "received pin: %s\n", pin_base64);
-			} else {
-				VERBOSE_MSG(true, "failed to convert received pin\n");
-				/* Now we hope that `ret` below can't differ. */
-			}
-		}
-	#endif
 		char cert_pin[TLS_SHA256_RAW_LEN];
 		/* Get raw pin and compare. */
 		ret = get_oob_key_pin(cert, cert_pin, sizeof(cert_pin), true);