crypto/x509: better debug output for verify-cert calls

Now that pkix.Name offers String() we should use that as some CN's are blank. Updates #24084 Change-Id: I268196f04b98c2bd4d5d0cf1fecd2c9bafeec0f1 Reviewed-on: https://go-review.googlesource.com/121357Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

crypto/x509: better debug output for verify-cert calls
Now that pkix.Name offers String() we should use that as some CN's are blank. Updates #24084 Change-Id: I268196f04b98c2bd4d5d0cf1fecd2c9bafeec0f1 Reviewed-on: https://go-review.googlesource.com/121357Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
1a3957b8 · Adam Shannon · Brad Fitzpatrick · ed333353 · 1a3957b8
Commit 1a3957b8 authored Jun 27, 2018 by Adam Shannon Committed by Brad Fitzpatrick Jun 28, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

src/crypto/x509/root_darwin.go src/crypto/x509/root_darwin.go +2 -2

No files found.
--- a/src/crypto/x509/root_darwin.go
+++ b/src/crypto/x509/root_darwin.go
@@ -181,12 +181,12 @@ func verifyCertWithSystem(block *pem.Block, cert *Certificate) bool {
 	}
 	if err := cmd.Run(); err != nil {
 		if debugExecDarwinRoots {
-			println(fmt.Sprintf("crypto/x509: verify-cert rejected %s: %q", cert.Subject.CommonName, bytes.TrimSpace(stderr.Bytes())))
+			println(fmt.Sprintf("crypto/x509: verify-cert rejected %s: %q", cert.Subject, bytes.TrimSpace(stderr.Bytes())))
 		}
 		return false
 	}
 	if debugExecDarwinRoots {
-		println(fmt.Sprintf("crypto/x509: verify-cert approved %s", cert.Subject.CommonName))
+		println(fmt.Sprintf("crypto/x509: verify-cert approved %s", cert.Subject))
 	}
 	return true
 }