From: Russ Cox Date: Thu, 14 Mar 2019 00:06:37 +0000 (-0400) Subject: crypto/x509: move debug prints to standard error X-Git-Tag: go1.13beta1~1044 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=f6695a15e15713cdac16978837d8b01ef4999279;p=gostls13.git crypto/x509: move debug prints to standard error Standard output is reserved for actual program output. Debug print should be limited in general (here they are enabled by an environment variable) and always go to standard error. Came across by accident. Change-Id: I1490be71473520f049719572b3acaa0ea9f9e5c1 Reviewed-on: https://go-review.googlesource.com/c/go/+/167502 Run-TryBot: Russ Cox TryBot-Result: Gobot Gobot Reviewed-by: Filippo Valsorda --- diff --git a/src/crypto/x509/root_darwin.go b/src/crypto/x509/root_darwin.go index 9b8a1cca7d..2f6a8b8d60 100644 --- a/src/crypto/x509/root_darwin.go +++ b/src/crypto/x509/root_darwin.go @@ -58,7 +58,7 @@ func execSecurityRoots() (*CertPool, error) { return nil, err } if debugDarwinRoots { - fmt.Printf("crypto/x509: %d certs have a trust policy\n", len(hasPolicy)) + fmt.Fprintf(os.Stderr, "crypto/x509: %d certs have a trust policy\n", len(hasPolicy)) } keychains := []string{"/Library/Keychains/System.keychain"} @@ -68,7 +68,7 @@ func execSecurityRoots() (*CertPool, error) { home, err := os.UserHomeDir() if err != nil { if debugDarwinRoots { - fmt.Printf("crypto/x509: can't get user home directory: %v\n", err) + fmt.Fprintf(os.Stderr, "crypto/x509: can't get user home directory: %v\n", err) } } else { keychains = append(keychains, @@ -148,7 +148,7 @@ func execSecurityRoots() (*CertPool, error) { wg.Wait() if debugDarwinRoots { - fmt.Printf("crypto/x509: ran security verify-cert %d times\n", numVerified) + fmt.Fprintf(os.Stderr, "crypto/x509: ran security verify-cert %d times\n", numVerified) } return roots, nil @@ -205,12 +205,12 @@ func verifyCertWithSystem(cert *Certificate) bool { } if err := cmd.Run(); err != nil { if debugDarwinRoots { - fmt.Printf("crypto/x509: verify-cert rejected %s: %q\n", cert.Subject, bytes.TrimSpace(stderr.Bytes())) + fmt.Fprintf(os.Stderr, "crypto/x509: verify-cert rejected %s: %q\n", cert.Subject, bytes.TrimSpace(stderr.Bytes())) } return false } if debugDarwinRoots { - fmt.Printf("crypto/x509: verify-cert approved %s\n", cert.Subject) + fmt.Fprintf(os.Stderr, "crypto/x509: verify-cert approved %s\n", cert.Subject) } return true } @@ -243,7 +243,7 @@ func getCertsWithTrustPolicy() (map[string]bool, error) { // localized on macOS, just interpret any failure to mean that // there are no trust settings. if debugDarwinRoots { - fmt.Printf("crypto/x509: exec %q: %v, %s\n", cmd.Args, err, stderr.Bytes()) + fmt.Fprintf(os.Stderr, "crypto/x509: exec %q: %v, %s\n", cmd.Args, err, stderr.Bytes()) } return nil }