From 80f9f86f6ba9b45166bee2c41e017a839344e9a2 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= <vladimir.cunat@nic.cz>
Date: Wed, 28 Aug 2024 13:28:02 +0200
Subject: [PATCH] daemon/tls: drop a DEBUG section

The new pin logging is better than this.  No need to recompile with -DDEBUG (rare).
---
 daemon/tls.c | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/daemon/tls.c b/daemon/tls.c
index b682285a2..1aa24b299 100644
--- a/daemon/tls.c
+++ b/daemon/tls.c
@@ -775,20 +775,6 @@ static int client_verify_pin(const unsigned int cert_list_size,
 			return ret;
 		}
 
-	#ifdef DEBUG
-		if (kr_log_is_debug(TLS, NULL)) {
-			char pin_base64[TLS_SHA256_BASE64_BUFLEN];
-			/* DEBUG: additionally compute and print the base64 pin.
-			 * Not very efficient, but that's OK for DEBUG. */
-			ret = get_oob_key_pin(cert, pin_base64, sizeof(pin_base64), false);
-			if (ret == GNUTLS_E_SUCCESS) {
-				VERBOSE_MSG(true, "received pin: %s\n", pin_base64);
-			} else {
-				VERBOSE_MSG(true, "failed to convert received pin\n");
-				/* Now we hope that `ret` below can't differ. */
-			}
-		}
-	#endif
 		char cert_pin[TLS_SHA256_RAW_LEN];
 		/* Get raw pin and compare. */
 		ret = get_oob_key_pin(cert, cert_pin, sizeof(cert_pin), true);
-- 
2.47.2