log certificate serial in verbose() messages to match the main

auth success/fail message; ok dtucker@

diff --git a/usr.bin/ssh/auth2-pubkey.c b/usr.bin/ssh/auth2-pubkey.c
index 4d620ee..a1e1b4c 100644 (file)
--- a/usr.bin/ssh/auth2-pubkey.c
+++ b/usr.bin/ssh/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.54 2015/10/27 01:44:45 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -793,8 +793,9 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
                                free(fp);
                                continue;
                        }
-                       verbose("Accepted certificate ID \"%s\" "
+                       verbose("Accepted certificate ID \"%s\" (serial %llu) "
                            "signed by %s CA %s via %s", key->cert->key_id,
+                           (unsigned long long)key->cert->serial,
                            key_type(found), fp, file);
                        free(fp);
                        found_key = 1;
@@ -872,8 +873,10 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
        if (auth_cert_options(key, pw) != 0)
                goto out;
 
-       verbose("Accepted certificate ID \"%s\" signed by %s CA %s via %s",
-           key->cert->key_id, key_type(key->cert->signature_key), ca_fp,
+       verbose("Accepted certificate ID \"%s\" (serial %llu) signed by "
+           "%s CA %s via %s", key->cert->key_id,
+           (unsigned long long)key->cert->serial,
+           key_type(key->cert->signature_key), ca_fp,
            options.trusted_user_ca_keys);
        ret = 1;