upstream commit

log certificate serial in verbose() messages to match the
 main auth success/fail message; ok dtucker@

Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288

1 files changed, 7 insertions, 4 deletions

diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 5aa319ccc..b1b5b747b 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.54 2015/10/27 01:44:45 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -796,8 +796,9 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
                                 free(fp);
                                 continue;
                         }
-                        verbose("Accepted certificate ID \"%s\" "
+                        verbose("Accepted certificate ID \"%s\" (serial %llu) "
                             "signed by %s CA %s via %s", key->cert->key_id,
+                            (unsigned long long)key->cert->serial,
                             key_type(found), fp, file);
                         free(fp);
                         found_key = 1;
@@ -875,8 +876,10 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
         if (auth_cert_options(key, pw) != 0)
                 goto out;
 
-        verbose("Accepted certificate ID \"%s\" signed by %s CA %s via %s",
-            key->cert->key_id, key_type(key->cert->signature_key), ca_fp,
+        verbose("Accepted certificate ID \"%s\" (serial %llu) signed by "
+            "%s CA %s via %s", key->cert->key_id,
+            (unsigned long long)key->cert->serial,
+            key_type(key->cert->signature_key), ca_fp,
             options.trusted_user_ca_keys);
         ret = 1;