openssl-pkcs11/openssl-pkcs11-0.4.8-require-debug-to-print.patch

From 58230eb4869fad540fab450b79f325ca76d2320e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Trojnara?= <Michal.Trojnara@stunnel.org>
Date: Wed, 12 Sep 2018 22:42:06 +0200
Subject: [PATCH 22/23] Require DEBUG to print libp11 debugging messages

Printing unneeded warnings was mentioned in #242
---
 src/p11_key.c  | 9 +++++----
 src/p11_pkey.c | 2 ++
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/p11_key.c b/src/p11_key.c
index f73029b..d226b86 100644
--- a/src/p11_key.c
+++ b/src/p11_key.c
@@ -331,10 +331,11 @@ EVP_PKEY *pkcs11_get_key(PKCS11_KEY *key, int isPrivate)
 		if (key->evp_key == NULL)
 			return NULL;
 		kpriv->always_authenticate = CK_FALSE;
-		if(isPrivate) {
-			if(key_getattr_val(key, CKA_ALWAYS_AUTHENTICATE,
-					&kpriv->always_authenticate, sizeof(CK_BBOOL)))
-				fprintf(stderr, "Missing CKA_ALWAYS_AUTHENTICATE attribute\n");
+		if (isPrivate && key_getattr_val(key, CKA_ALWAYS_AUTHENTICATE,
+				&kpriv->always_authenticate, sizeof(CK_BBOOL))) {
+#ifdef DEBUG
+			fprintf(stderr, "Missing CKA_ALWAYS_AUTHENTICATE attribute\n");
+#endif
 		}
 	}
 #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
diff --git a/src/p11_pkey.c b/src/p11_pkey.c
index 95c6458..88cbc79 100644
--- a/src/p11_pkey.c
+++ b/src/p11_pkey.c
@@ -524,8 +524,10 @@ static int pkcs11_try_pkey_ec_sign(EVP_PKEY_CTX *evp_pkey_ctx,
 		unsigned char *sig, size_t *siglen,
 		const unsigned char *tbs, size_t tbslen)
 {
+#ifdef DEBUG
 	fprintf(stderr, "%s:%d pkcs11_try_pkey_ec_sign() not implemented\n",
 		__FILE__, __LINE__);
+#endif
 	return -1;
 }
 
-- 
2.17.1