From: Daniel Kahn Gillmor Date: Mon, 18 Oct 2010 06:28:35 +0000 (-0400) Subject: only try to parse the certificate client side at verbose or noisier log_level X-Git-Tag: msva-perl_debian/0.6-1~3^2~21 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=6cb55e30ae120a1ad520645d312c99389d672c0b;p=monkeysphere-validation-agent.git only try to parse the certificate client side at verbose or noisier log_level --- diff --git a/Crypt/Monkeysphere/MSVA/Client.pm b/Crypt/Monkeysphere/MSVA/Client.pm index f586f9a..751f5f5 100644 --- a/Crypt/Monkeysphere/MSVA/Client.pm +++ b/Crypt/Monkeysphere/MSVA/Client.pm @@ -86,16 +86,21 @@ $self->log('debug', "pkctype: %s\n", $pkctype); if ($pkctype eq 'x509der') { - if (Module::Load::Conditional::can_load('modules' => { 'Crypt::X509' => undef })) { - my $cert = Crypt::X509->new(cert => $pkcdata); - if ($cert->error) { - die; - }; - $self->log('info', "x509der certificate loaded.\n"); - $self->log('verbose', "cert subject: %s\n", $cert->subject_cn()); - $self->log('verbose', "cert issuer: %s\n", $cert->issuer_cn()); - $self->log('verbose', "cert pubkey algo: %s\n", $cert->PubKeyAlg()); - $self->log('verbose', "cert pubkey: %s\n", unpack('H*', $cert->pubkey())); + if $self->{logger}->is_logging_at('verbose') { + if (Module::Load::Conditional::can_load('modules' => { 'Crypt::X509' => undef })) { + my $cert = Crypt::X509->new(cert => $pkcdata); + if ($cert->error) { + $self->log('error', "failed to parse this X.509 cert before sending it to the agent\n"); + } else { + $self->log('info', "x509der certificate loaded.\n"); + $self->log('verbose', "cert subject: %s\n", $cert->subject_cn()); + $self->log('verbose', "cert issuer: %s\n", $cert->issuer_cn()); + $self->log('verbose', "cert pubkey algo: %s\n", $cert->PubKeyAlg()); + $self->log('verbose', "cert pubkey: %s\n", unpack('H*', $cert->pubkey())); + } + } else { + $self->log('verbose', "X.509 cert going to agent but we cannot inspect it without Crypt::X509\n"); + } } } else { $self->log('error', "unknown pkc type '%s'.\n", $pkctype);